Automatically Creating Users from a SAML Response


Commvault users can be automatically created from SAML identity provider (IdP) responses that contain a user's email address. The users are identified by their SMTP address. After a user is automatically created, that user can be automatically added to a user group.


  1. From the navigation pane, go to Manage > Security > Identity server.

    The Identity servers page appears.

  2. In the Application name column, click the application name.

    The application details page appears.

  3. Under General, move the Auto create user toggle key to the right.

  4. To automatically add users to a user group, choose the user group:

    1. To the right of User group, click Edit.

      The Edit default user group dialog box appears.

    2. In the User group list, click the user group to associate with the users who are automatically created.

    3. Click Save.

  5. To associate specific users with a domain, under Identity redirect rule, click Add identity redirect rule.

    The Add identity redirect rule page appears.

    Note: When a SAML app is added, a redirect rule is created using the domain name and SMTP address.

  6. Optional: In the Domain name box, select an existing domain, or type a new domain name. The users that are automatically created are added to the selected domain.

  7. In the Associated SMTP box, enter an SMTP address, and then click Add.

    Note: You can add multiple SMTP addresses for a single identity redirect rule.

    The SMTP address identifies the users who need to be automatically created.

  8. Click Save.

Mapping SAML Attributes