Access Management

It would be nice to add an attribute to users that marks if the user has access to the admin panel. This attribute could be used in elastic to detect unusual Admin behavior. Also it could be used for increased security in Portal Access rules to force users with Admin access to always use MFA.

Support SAML Metadata import to prefil SAML Application Configuration for Generic SAML Application. - I currently do some SAML Implementations and sometimes only get the MetadataFile. If we had some kind of Import - we could a) extract the certificate and add it to HelloID and also extract Issuer URL and Stuff to prefill the configuration

As an administrator, it would be nice to be able to delete a user custom attribute. For example, its annoying if you make a typo in a name, it will be there forever.

I would like to be able to map a role (or group if role is not possible) to users who are created in HelloID, by a SAML IDP (JIT). Currently the SAML IDP mapping does not support mapping roles.

To better comply with licensing and data restrictions. It would nice if the Active Directory sync could limit users synced not only by OU but by group membership and/or attribute value.

Is there already an option within HelloID to reset your password just like in SSPRM ( Self-Service Reset Password Management) This would be very useful.

To get a safe login to apps we want to use HelloID app to start an other mobile app with SSO.

It would be nice to have a possibility to force a specific group of users to use, for example, SMS as 2FA method, while we want to force other users to use the Authenticator App. We now have the option to select the available 2FA methods for all the users, but I want to force users to use a specific one when they are member of a specific group.

An customer, uses an application that needs an variable in the application URL with the Users mail value, so the SSO can recognize the user on the shared interface and redirect the user back to the SSO (hello-id) and do a real SSO without user interaction.

It would be very useful to be able to upload a transparent company icon. It can blend in with the portal background color as well as the Provisioning email background color. At the moment any uploaded company is converted to a JPG which doesn't support transparency. Weird, because the default (ID) icon is a PNG.