SAML Role Mapping in XSOAR

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

SAML Role Mapping in XSOAR

L2 Linker

Hi,

 

We are using SAML integration for XSOAR user authentication and azure AD as an IDP. I'm bit confused in SAML role mapping in XSOAR. for eg. in Azure AD we have only one group and users are mapped to it. but in XSOAR we want to give analyst permission for few users and admin permission for few users. Will that be possible by creating 2 different roles (analyst & admin) in XSOAR and mapping same object ID under 'SAML role mapping' for both the roles? or should create different roles in azure AD as well and map corresponding object ID's in XSOAR?

 

Thanks

1 accepted solution

Accepted Solutions

L4 Transporter

@DP696 wrote:

Hi,

 

but in XSOAR we want to give analyst permission for few users and admin permission for few users. 

 

 


In this case you'll need 2 different groups in Azure AD.  If you map the same group to multiple Roles in XSOAR, the users will receive both Roles.

You'll need 2 groups in Azure, and map the group ID to the Role in XSOAR that you want assigned based on that group membership.

 

 

 

View solution in original post

2 REPLIES 2

L4 Transporter

@DP696 wrote:

Hi,

 

but in XSOAR we want to give analyst permission for few users and admin permission for few users. 

 

 


In this case you'll need 2 different groups in Azure AD.  If you map the same group to multiple Roles in XSOAR, the users will receive both Roles.

You'll need 2 groups in Azure, and map the group ID to the Role in XSOAR that you want assigned based on that group membership.

 

 

 

Thanks @MBeauchamp2, That's makes sense 

  • 1 accepted solution
  • 1483 Views
  • 2 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!