Question
How to update the email of existing users and update SSO when changing email domains for existing users?
Answer
Portfolio Manager does not support multiple IdP profiles; you must adapt the single existing SSO configuration rather than run two profiles in parallel.
Option 1: Batch/Incremental Transition
-
Go to Administration > Single Sign On and set Require ALL Users to use SSO? to No
-
Click Manage User Exceptions and move a batch of users to the SSO Disabled list
-
Have those users update the email on their profile to match the new provider
-
Once all profiles are ready, update the settings in the Setup SSO tab and test
-
Move the users back to the SSO Enabled list
Option 2: Full Transition (All at once)
-
Turn off SSO by setting Enable SSO for your Organization to No in the Manage SSO view
-
Ensure all users update the email on their profile
-
Enter your new provider details in Setup SSO and run a test
-
Turn on SSO by setting Enable SSO back to Yes