Skip to content

User and Project mapping

ArrigoHome

The email address is the unique identifier for the user. There is (yet) no way of manipulating the email address in ArrigoHome for a user, it is simply the very same. If the email address differs, it is considered as another user.

arrigo.se

The arrigo.se Account name must have an exact match with an ArrigoHome Organization ProjectID . To be able to map the ArrigoHome user to the correct arrigo.se user, the email address of the user in the specific account must have an exact match with the ArrigoHome user.

Arrigo Local

When an ArrigoHome user navigates to a Arrigo Local installation, the following steps are executed:

  1. The ArrigoHome user is cloned to a temporary local user.
  2. The group membership of the user in ArrigoHome is matched to existing groups in the Arrigo Local endpoint. The match is done via the group Name attribute.
  3. The temporary user is added to all matching groups.
  4. The user is automatically logged in and gets all access to the project through the group access entries.

Best practices

If the Arrigo Local installation is to be used with ArrigoHome, consider creating groups with clear group names. Add access entries to these groups, but no users. Use these groups also in ArrigoHome groups. In this way, one single group can be found on many Arrigo Local* installations.

A small example

An organization has three Arrigo Local installations. They also have connected their organization in ArrigoHome. A project is created in ArrigoHome and the Arrigo Local installations are connected as Endpoints in ArrigoHome. The organization administrator wants to create a group Service, which has access to all systems and installations with Service privileges. The following steps must be executed to obtain this behaviour.

Create groups in ArrigoHome

The organization administrator creates one Group in ArrigoHome with the Name Operators.

Create groups in Arrigo Local

In each of the Arrigo Local installations, followin steps are executed

  1. Groups are created with exact same name (Operators).
  2. Access to the project is set to Operator on project top level.
Map users to group in ArrigoHome

In ArrigoHome, each user which should be of type Operator is added to the group Operators. When one of these users click on any of the configured endpoints, they are redirected to the endpoint and automatically logged in to the local installation with the ArrigoHome user.