Login Workflow

This is a simplified description of how the IdP account interacts with the Security Cloud Control user record to log in a Security Cloud Control user:

Procedure

Step 1

The user requests access to Security Cloud Control by logging in to a SAML 2.0-compliant identity provider (IdP) such as Cisco Security Cloud Sign On (https://sign-on.security.cisco.com) for authentication.

Step 2

The IdP issues a SAML assertion that the user is authentic, and a portal displays the applications the user can access. One of the tiles represents Security Cloud Control.

Step 3

Security Cloud Control validates the SAML assertion, extracts the username, and attempts to find a user record among its tenants that corresponds to that username.

  • If the user has a user record on a single tenant on Security Cloud Control, Security Cloud Control grants the user access to the tenant and the user's role determines the actions they can take.

  • If the user has a user record on more than one tenant, Security Cloud Control presents the authenticated user with a list of tenants they can choose from. The user picks a tenant and is allowed to access the tenant. The user's role on that specific tenant determines the actions they can take.

  • If Security Cloud Control does not have a mapping for the authenticated user to a user record on a tenant, Security Cloud Control displays a landing page giving users the opportunity to learn more about Security Cloud Control or request a free trial.

Creating a user record in Security Cloud Control does not create an account in the IdP and creating an account in the IdP does not create a user record in Security Cloud Control.

Similarly, deleting an account on the IdP does not delete the user record from Security Cloud Control, although without the IdP account there is no way to authenticate that user to Security Cloud Control. Deleting the Security Cloud Control user record does not delete the IdP account, although without the Security Cloud Control user record there is no way for an authenticated user to access a Security Cloud Control tenant.
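The following is an added example, not Cisco's code, that models the tenant-mapping decision in Step 3 and the independence of IdP accounts from user records described above. Assertion validation itself is assumed to have already succeeded; the usernames, tenant names, role names and the two in-memory stores are constructed for illustration.

```python
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Set

@dataclass
class UserRecord:
    tenant: str
    role: str  # constructed role names, e.g. "Admin", "Read-Only"

@dataclass
class LoginOutcome:
    action: str  # "grant", "choose_tenant", "landing_page" or "auth_failed"
    tenant: Optional[str] = None
    role: Optional[str] = None
    choices: List[str] = field(default_factory=list)

# Two independent stores: IdP accounts and Security Cloud Control user records.
IDP_ACCOUNTS: Set[str] = {"alice@example.com", "bob@example.com", "carol@example.com"}
USER_RECORDS: Dict[str, List[UserRecord]] = {
    "alice@example.com": [UserRecord("tenant-a", "Admin")],
    "bob@example.com": [UserRecord("tenant-a", "Read-Only"),
                        UserRecord("tenant-b", "Admin")],
    "dave@example.com": [UserRecord("tenant-b", "Admin")],  # no IdP account
}

def login(username: str, chosen_tenant: Optional[str] = None,
          idp: Set[str] = IDP_ACCOUNTS,
          records: Dict[str, List[UserRecord]] = USER_RECORDS) -> LoginOutcome:
    """Return what Security Cloud Control does for a given username."""
    if username not in idp:
        # Step 1 fails: no IdP account means no SAML assertion, even though a
        # user record exists (dave). The record alone grants nothing.
        return LoginOutcome("auth_failed")
    matches = records.get(username, [])
    if not matches:
        # Authenticated but unmapped (carol): landing page, no tenant access.
        return LoginOutcome("landing_page")
    if len(matches) == 1:
        return LoginOutcome("grant", matches[0].tenant, matches[0].role)
    if chosen_tenant is None:
        # Records on several tenants: the user must pick one before access.
        return LoginOutcome("choose_tenant", choices=[r.tenant for r in matches])
    for rec in matches:
        if rec.tenant == chosen_tenant:
            # The role comes from the record on the chosen tenant only.
            return LoginOutcome("grant", rec.tenant, rec.role)
    return LoginOutcome("landing_page")  # chose a tenant with no record

def delete_user_record(username: str, tenant: str,
                       records: Dict[str, List[UserRecord]] = USER_RECORDS) -> None:
    """Remove one tenant mapping; the IdP account is left untouched."""
    remaining = [r for r in records.get(username, []) if r.tenant != tenant]
    if remaining:
        records[username] = remaining
    else:
        records.pop(username, None)
```

Running `login("bob@example.com")` returns the tenant list to choose from, while `login("bob@example.com", "tenant-a")` grants access with the Read-Only role from that tenant's record.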