I think i was able to do it.
God bless your templates!!! i saw what was wrong with my config. I used a template you got in there, saw the config and figured out what was wrong. I just had to use SSO Role instead of admin privileges, in the enforcement profile.(im still learning the universe of clearpass so be patience with me)
Okay so now i can authenticate the user via SSO as you can see here
Now Actually like i said before they are authenticating with OATH v2.0 with G Suite. That uses the Database in the endpoint for it and the social media repository. Now with this ill be using the Guest repository as well. At the end the one that will manage everything will be the Guest repository i believe
The client wants to achieve this:
1-Authenticate students with G suite(User and password of their email account)
2-Students can add, edit or delete the devices they have on their managing device page we give them(limit those devices to 2 or 3)
3-Student does not need to log in a captive portal everyday ( we use right now a mac caching and they dont need to do that, just like every week)
My questions are
1-The authentication will change from Oath 2.0 to SAML for what i want to achieve?
2-is there a way i can limit the number of devices a user can have on the guest repository like i did on the endpoint repository?
Thanks