Skip to main content

Managing Staff Display Names

When Connect is integrated with an Identity Provider (IdP) using SAML-based Single Sign-On (SSO), user profile information is synchronised from the IdP to Connect each time a user signs in.

How display names are updated

During SAML configuration, administrators define Matching Attributes that Connect uses to update user records. These are:

  • First name
  • Last name

When a user authenticates via SAML, Connect updates the corresponding user record using the values returned by the IdP for these attributes.

Connect does not enforce any validation or assumptions about the meaning of these attributes. It simply stores and displays the values it receives.

Controlling what name is shown in Connect

Because Connect does not require the first name and last name attributes to contain a user’s full legal name, organisations have flexibility over what is displayed within the application (including on case timelines that may be visible to external users).

You can choose to:

  • Map the first name and/or last name fields in Connect to alternative existing attributes provided by the IdP (for example, a preferred name or another non-identifying field), or
  • Create a custom attribute in the IdP (such as Public Name, Display Name, or Connect Name) and map this attribute to the first name and/or last name fields in Connect.

This approach allows organisations to:

  • Use initials, shortened names, or agreed display names for staff users
  • Address privacy and safety concerns where staff names are visible to registered customers
  • Continue to benefit from SSO for authentication and account lifecycle management

If staff display names should differ from those stored in Active Directory or the IdP, we recommend defining a dedicated attribute in the IdP specifically for use by Connect. This keeps authentication data and public-facing display data clearly separated and easier to manage over time.