Eformity offers the capability to populate a user's employee profile with data from the authentication provider during login. This ensures that a user always has at least one employee profile to work with.

Requirements

• Single Sign-On (SSO) is used for login (based on AD, ADFS, or SAML).
• The employee database must be set as 'Personal Database' so that records are specific to a particular user.
• The system must know which employee database to use (configured via email settings).
• Optional but recommended: The employee database contains a field 'IsDefault' of type 'Boolean' to help the system determine which record should be kept up-to-date.

Step 1: Configure employee database in email settings

If you are using the email signature functionality of eformity.net, this is likely already configured. If not, you must complete this step. Log in with your personal credentials at yourcompanyname.eformity.net.

Step 1.1: Navigate to 'My subscription'

Click the gear icon to go to the 'My subscription' section. This icon is circled in the image below.

A new element will appear on the right side of the page. Click 'My subscription' to access the subscription section.

Step 1.2: Edit email settings

In the 'My subscription' section, you can edit the email settings. Click 'Email settings' in the menu.

A new page will open. Click the 'Edit' button in the email settings overview. Enter the correct table name in the 'Table for employees' field.

Step 2: Set up mappings

To ensure the correct data is placed into the appropriate employee fields, mappings need to be created. Mappings allow you to specify how each field should be populated.

Step 2.1: Navigate to 'System Management'

Log in to the eformity web environment and navigate to the 'System Management' section by clicking the hamburger menu icon.

A new element will appear on the left side of the page. Click on the tile titled 'System Management' to open this section.

Step 2.2: Select Identity providers

Click 'Identity providers' in the menu to open the overview of various identity providers. Select the appropriate provider by clicking on it.

In the new element, click the blue 'Edit' button in the 'Mappings' section. This is circled in the image below.

To add mappings, click the 'Add' button in the new element. This is circled in the image below.

You can now add a mapping by clicking the 'Add' button. There are mutiple types of mappings. The table below shows the different options:

Modifier	Description	Example	Notes
(none)	Copies the value from the incoming SSO claims/properties by name.	FirstName http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname	If the first name doesn’t exist in the SSO data, nothing is returned.
=	Evaluates the expression and uses the result.	=properties[""Email""] =datasources.lookup(""dxorganization"", ""displayname"", properties.getproperty(""Company/Company""), ""Id"", ""aae7e7b3-e3d4-4202-af61-6a692b780651"")	If the calculation fails, the result will be empty. Calculations can use properties, roles, and datasources. Non-text results must be converted to text (value.ToString()).
+	Only applies the mapping when the record is new. If the record exists, the value wont be mapped.	+Email +https://schemas.xmlsoap.org/ws/2005/05/identity/claims/mobilephone/MobilePhone	This mapping is applied only when the record is newly created. For existing records, it’s ignored.
[culture]	Writes into the culture-specific version of the record for that culture.	[nl]JobTitle [en]JobTitle	Culture is taken from between [ and ]. Everything after ] is the real expression.
?	Only maps if the field of the record is currently empty.	?LastName ?https://schemas.xmlsoap.org/ws/2005/05/identity/claims/homephone/Telephone	If the field already has a value, the mapping is skipped.
!	If the evaluated value is empty, it empties the field. If not empty, it maps normally.	!MiddleName !http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname	If evaluated value is empty and field already empty, there wont be a change. If evaluated value is not empty, it behaves like normal mapping.
	Modifiers can als be combined with eachother.	[nl]?JobTitle	The order of the modifiers must be: + [culture] ? ! = expression

Below you can find more examples for expressions:

Basics of expressions in mappings

Data can be concatenated with or without a separator, such as a space.

Concatenate two pieces of data directly:

=Properties.GetProperty("givenName") + Properties.GetProperty("sn")

Concatenate two pieces of data with a space in between:

=String.Join(Properties.GetProperty("givenName"), Properties.GetProperty("sn"), " ")

Formatting data

You can apply formatting to the transferred data. Two possible formats are:

Separate letters with dots:

=String.FormatOperation(0, Properties.GetProperty("initials"))

Use only text for hyphens:

=String.FormatOperation(1, Properties.GetProperty("sn"))

Look up data in another database

Not all data is in the same database. For example, the employee's department might be a reference to a departments database. To retrieve such a reference, you need to fetch the department key based on the attribute value.

Retrieve the 'Id' of the department from the 'Department' database by looking it up based on the 'Description' field with the attribute value:

=Datasources.Lookup("Department", "Description", Properties.GetProperty("department"), "Id")

Step 3: Enable the functionality

The final step is to enable the functionality for updating profiles with SSO. This is done again in the eformity web environment. Click the hamburger menu icon.

Step 3.1: Navigate to 'System Management'

You will now have the menu of various tiles open again. Click on the tile titled 'System Management' to open this section.

Step 3.2: Enable 'Update profile'

Click the 'Identity providers' option in the menu. Choose the appropriate identity provider by clicking on it.

Click the top blue 'Edit' button to enable the 'Update profile' option. This button is circled in the image below.

A new screen will open on the right side of the page. Check the 'Update profile' option to update the profile with SSO.