Hi team,
We are moving our team member login method from Google SSO to Azure AD SSO. there are a few issues we are trying to resolve:
- Google SSO and Azure AD SSO has different emails for the same user. For instance `fam@google.com` to `fam@azure.com`. What's the recommended approach for migrating? Could we migrate users from `google.com` to `azure.com` to retain the information/ticket assigned to the users?
- We would like to redirect all users to Azure AD SSO and override the login method for certain accounts to use the Zendesk authentication method. How can we override?
- In many applications like Datadog, there is a SAML group mapping https://docs.datadoghq.com/account_management/saml/mapping/ that could be configured, but in Zendesk, it seems we must use ADFS? https://support.zendesk.com/hc/en-us/articles/4408842661530-Mapping-attributes-from-Active-Directory-with-ADFS-and-SAML What are the alternatives for SAML group mapping in zendesk?
- Finally, how would the migration affect API and OAuth tokens? For instance, after migrating from google.com to azure.com, do we need to regenerate a new API/OAuth token?
Thanks for any help in advance!
Note: This is also applicable to the Chat system by Zendesk
Regards,
Fam
