
API Service Account getting 401

jralexander137
New Contributor III

I created a user in Sav to use for API calls into Sav. I set the PW using admin functions, assigned the Admin Sav role, and passwordExpired is set to false for the user. However, when I make an authentication call from Postman, the call fails with a 401. It works if I use the local Sav admin creds. What might I be missing here?

15 REPLIES

rushikeshvartak
All-Star

Log in with the user one time and try again.

Refer https://forums.saviynt.com/t5/saviynt-knowledge-base/how-to-troubleshoot-401-unauthorized-error-from... 


Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.

We have already enabled SSO and they don't want to turn it off. Is there another way to log in locally? I thought API authentication was the only way if SSO wasn't disabled.

If the user is newly created, then you need to restart once.

Also make sure passwordexpired=0 (false) and localauthenabled=1 (true).


Regards,
Rushikesh Vartak

How can I set localauthenabled=1? I've tried via an API call and it doesn't update. We don't have the customquery job option available in our version either. Do we need Sav support to set that attribute then?

As for restarts, do we also need to engage support for that?

You can do a restart from the UI.

update users set localauthenabled=1, passwordexpired=0  where username='apiuser' limit 1;


Regards,
Rushikesh Vartak

This is the command I've seen posted around the forums but have not figured out how to execute in our version (23.10 - I mistyped as 23.1 initially but have updated the post).

I also reviewed and followed the steps here: https://forums.saviynt.com/t5/saviynt-knowledge-base/how-to-troubleshoot-401-unauthorized-error-from...

I also read a couple of posts regarding using that customquery job (which is not available in our version).

Please confirm your version is v23.1 as tagged in the initial post.


Regards,
Rushikesh Vartak

My mistake, I mistyped 23.10 as 23.1.

I found the Application Restart services page and am restarting. Still curious as to how I can update that localauthenabled flag.

For anybody else struggling to set LocalAuthEnabled for a user on v23.7 or later - here's the "easy" solution our professional services team came up with:

  1. Go to Global Configuration -> Identity Lifecycle -> Register User form -> Action -> Create
  2. Create a dynamic attribute as follows:
    1. Name: LocalAuthEnabled
    2. Request Type: User
    3. Label: Set LocalAuthEnabled
    4. Attribute Type: Boolean
    5. User Column: localAuthEnabled
    6. Select Editable on Update and Hide on Create
    7. Action: Mapping
  3. Go to User Modification Auto Approve and check that box.
  4. Go to Home -> Update User Request -> Search the user and you will see the form being opened where you will have the Localauthenabled attribute that you created.
  5. Select true and submit.
  6. Repeat for other users as needed.
  7. Go back to User Modification Auto Approve and uncheck that box.

All of this is just because the property is not exposed on the user record.

Regards,
Rushikesh Vartak

Thanks, I will try this out and follow up with results. Thanks for your responses thus far.

I still need to try these steps, but I was able to get localAuthEnabled set to true using a CSV import and still got a 401 when trying to authenticate. Restarted the server as well. Do you expect the steps you provided to function differently from updating that attribute via the CSV user upload?

Perform via the user update form, and show the values from Data Analyzer for the API user.


Regards,
Rushikesh Vartak

Is this resolved?


Regards,
Rushikesh Vartak