How to mass update existing Employee records with a new Authentication Provider external login

Version 1

    Details

    When a new Authentication Provider is added to a tenant where the Employee records are already in the system, it may be necessary to mass update the Employee records with the new Authentication Provider records, so they can log in using Single Sign-On.


    Resolution

     

    Step 1:

    Identify the Authentication Provider RecId:
    1. Log in to the tenant with the Administrator role
    2. Go to Configure Application
    3. Go to Business Objects -> Authentication Provider
    4. Go to Fields -> RecId
    5. Uncheck ‘Hidden from UI’ 
    6. Click Save
    7. Go to Forms
    8. Open the appropriate Form for the type of Authentication Provider being added
    9. Add the Record Identifier field to the form. 
    10. Click Save
    11. Go back to the Client UI
    12. Go to More... -> Authentication Provider
    13. Copy the RecId for use later

    Step 2:

    Create a Composite quick action on the Employee object:
    • The first portion is an 'Update Object' action, setting the IsExternalAuth checkbox to 'true'
    • The second portion is an 'Insert Child Object' action:
    1. Set "Select Child Object Type" to the relationship used between Employee and External Login, e.g. "Frs_ExternalLoginAssocProfileEmployee”
    2. Fill in the fields with the desired information. The following fields are required:
    3. AuthProvider_Category = Value must be “Frs_AuthenticationProvider”
    4. AuthProvider = Value is the RecId of the Authentication Provider record from Step 1
    5. OwnerId = Value is “$(RecId)” (to link to the employee record)
    6. Login = Value is the field on Employee storing their login format for SSO, e.g. $(NetworkUsername) or $(PrimaryEmail)
    7. Set the Quick Action to automatically save when run from the UI
    8. Publish it to the Admin role
    9. Name it
    10. Save

    Step 3:
    (if some records already have this Authentication Provider attached)

    • Create a saved search that returns all Employee records with the criteria:
    'Is Related To' - zero - External Login via Frs_ExternalLoginAssocProfileEmployee (0...1 : 0...N)

    This returns all Employee records that do not already have an External Login record attached.

    Step 4:
    1. Open the Employee workspace
    2. Run the saved Search from Step 3
    3. Set Page Size to 100
    4. Highlight the results, and run the new quick action from Step 2 the Action Menu
    5. Repeat for each page of results