Map SQL-based users

Instead of using the attributes provided by the Identity provider to determine things like the user's display name or Anaplan XL Web Role membership, you can specify a stored procedure to use as well.

Attributes will either replace or combine with the service provider's ones, depending on each one.

The stored procedure must be created in the Anaplan XL Web SQL Database. The XLCUBED_USER database role must have access to it. Here's an example procedure:

CREATE proc [dbo].[ap_ValidateUser] @identity nvarchar(500) as select 'Joe Blogs' as cDisplayName, 3 as nRoleID, 'cubeuser' as cEffectiveUser

The @identity will be the value provided as the NameID from the provider. The stored procedure can return several rows, one for each "nRoleID" needed. Only the first row will be used for other attributes.

Every field is optional and can include:

Anaplan XL Web Database:

AllUsers - contains a list of all the users

• nUserID - an identity to identify the user internally
• cEmail - email of the user
• cFirstName - First name of the user
• cLastName - Last name of the user

UserToGroup - contains a list of all the groups a user belongs to - the Anaplan XL Web roles match the group name

• nUserID - an identity to identify the user internally
• cGroupName - the group a user is a member of

You would then create the Roles to match the "cGroupName" and assign the permissions required using the FluenceXLWeb config application

CREATE proc [dbo].[ap_ValidateUser] @identity nvarchar(500) as select U.cFirstName + ' ' + U.cLastName as cDisplayName, R.nRoleID as nRoleID from AllUsers U Join UserToGroup G on G.nUserID = U.nUserID Join [Role].[XL3Roles] R on R.cDescription = G.cGroupName where U.cEmail = @identity