03-23-2023 06:40 AM
Hi,
We are using SAML integration for XSOAR user authentication and azure AD as an IDP. I'm bit confused in SAML role mapping in XSOAR. for eg. in Azure AD we have only one group and users are mapped to it. but in XSOAR we want to give analyst permission for few users and admin permission for few users. Will that be possible by creating 2 different roles (analyst & admin) in XSOAR and mapping same object ID under 'SAML role mapping' for both the roles? or should create different roles in azure AD as well and map corresponding object ID's in XSOAR?
Thanks
03-23-2023 07:25 AM
@DP696 wrote:
Hi,
but in XSOAR we want to give analyst permission for few users and admin permission for few users.
In this case you'll need 2 different groups in Azure AD. If you map the same group to multiple Roles in XSOAR, the users will receive both Roles.
You'll need 2 groups in Azure, and map the group ID to the Role in XSOAR that you want assigned based on that group membership.
03-23-2023 07:25 AM
@DP696 wrote:
Hi,
but in XSOAR we want to give analyst permission for few users and admin permission for few users.
In this case you'll need 2 different groups in Azure AD. If you map the same group to multiple Roles in XSOAR, the users will receive both Roles.
You'll need 2 groups in Azure, and map the group ID to the Role in XSOAR that you want assigned based on that group membership.
03-24-2023 12:01 AM
Thanks @MBeauchamp2, That's makes sense
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
