Per the attached documentation's example of a 'proxy page', the user SSO token fetch (and possible user create) should occur after the user clicks the link indicating an intention to enter access/Institute. This can be done through a proxy redirect page, or codebehind code triggered through javascript or form postback. A problem arises if a token is generated upon every user's Intranet login, because that means the user is 'created' upon login, not upon clicking the button to navigate to the site. This leads to cluttered user lists and troublesome user management, since users who have never been to the site have user records.
At what Intranet web event should the user create & token fetch processes be run?
Permanently deleted user -
Comments