Resolving Duplicate User Issues in SSO Migration
Common scenarios
Duplicate user records are commonly observed in the following scenarios:
• Migration from an on-premises solution (e.g. Windows authentication) to a SaaS solution
• Transition from username/password authentication to SSO
Issue
During a migration to Single Sign-On (SSO), the login identifier often changes. This can result in the creation of two separate user records (Person System) in the system for the same physical person—one using the legacy login and one using the new SSO login.
As a result, users may experience issues such as unexpected password expiration prompts or loss of access rights due to mismatched identities.
Solution
To prevent duplication and preserve existing identity attributes (IdAbs) and access assignments, update the original login identifiers to match the SSO format.
To update login identifiers:
1. Access the login characteristics.
See Viewing the Characteristics of a Login.2. Update the Name of the login according to the SSO format.