Hi Doug,
Thanks for the response! We're trying to set up a unified community environment that includes Lithium for discussions, MindTouch for docs, and our own solution as a public demo. We'd prefer not to burden our community members with three separate logins to interact with various aspects of the environment. All three components support SAML 2.0, and we have customers using Okta for their SSO authentication. The stumbling point is around user creation: even if the SSO can authenticate that the login and password match, if there isn't an account for that user in the application database then the user can't log in. One component that seems important for generalized is Just-in-Time Provisioning for SAML, and I can't find info around that for Lithium. Both MindTouch and our application support automatically creating new user accounts if the SSO authentication is accepted. The Okta engineers mentioned that they aren't sure how to do the Lithium integration without custom coding to the Lithium API because Lithium doesn't have an Okta integration plugin.
Our situation seems like something that would be a relatively common use case these days given the proliferation of cloud-based solutions. We're still relatively early in our go-live process but on an accelerated schedule. We've asked for a technical contact at Lithium who could help us better understand the capabilities and limitations, but haven't had those conversations just yet. The API looks relatively simple, but it's always the corner cases that make custom code complicated :-)
Any additional insight you could shed on the situations and our options?
Thanks again and take care,
Miroslav