Provisioning protocol or authorization mechanism in Anaplan

Hello

We’re currently evaluating a solution deployed on Anaplan for our company and we have some questions regarding authorization considering that we’ll be using SAML2 for the authentication part. More specifically,

Is it possible to detect access right using SAML claims in Anaplan?
If not, do you have some user provisioning API, one supporting the SCIM protocol for example, so that we could automatically manage user accesses instead of depending on manual management through the platform?

Accepted answers

All comments

PaulRitner

Hello,

I'm a functional user, so I'm pretty sure I don't understand your question... but figured I'd chime in to learn.

Here's what I do know:

User settings can be imported and exported via the API in the same way any other Anaplan data can be imported & exported (i.e. via the calling of Anaplan import/export definitions).

With the above in mind, we can accomplish the following via automated (integration) processes:

Set security by loading changes via an Anaplan Import definition
Obtain an Anaplan Model's security settings via an Anaplan Export definition. (in this sense, I don't think SAML has any special ability or access to detect access rights... it would have to be done by exporting user access and consuming it somehow)

The only interaction SAML will have (from a security administration standpoint) is authenticating into Anaplan. Once logged into Anaplan, user access within the Anaplan Application itself is defined within Anaplan (not via single sign-on). In this context, I don't think there's any way to influence security otherwise via SAML.

Let's see if we get some other replies.

Regards,

Paul

cpanzani

Thank you Paul.

As it is a technical question, I have just create a ticket to the Anaplan's support.

Regards

Cathy

Ernie_Goff

Cathy -

I'm just following-up on this topic... Did you receive the information from Anaplan Support that you needed?

Functionally speaking Paul is correct. At present, we typically configure Anaplan Modules, Actions, and Processes to inherit changes from a customer's identity management systems. There is a design example on the App Hub.

Please do head over to the Idea Exchange on Community and let us know if this is a feature/capability that would be useful to you.

Ernie

Quick Links

Can you help?

Unanswered questions

Unable to use one page for multiple DEV models that are partially in sync
Hello, Our model builders are normally making changes to all structural changes in a DEV model. Because we are now in a Prod freeze and we don't want to move structural changes to PROD until end of year, we created a copy of the DEV model (standard mode) - 'DEV2' model, where we are only making changes to urgent issues…
Anaplan for Microsoft 365
Using the excel addin for Microsoft 365 when I try to add a card to import data I get the message 'Cannot insert data from a custom view'. I am not using a custom view. Any ideas what I am missing here?
Data Split between Many to Many Relationship Mappings
Hello Anaplan Community, I am encountering an issue with one of my development work and would be greatly appreciated your assistance. There are 2 different modules involved in my model: 1) INP01 Percentage Input by Product (Applies To: P3 List) 2) REP01 Percentage Split by Department (Applies To: Departments List) The…