
Identity & Access Management (IAM)

24.4.0

Adding external IdP roles


Create external IdP roles to allow users to log in to a cloud portal with their organization's user credentials through a third-party identity provider (IdP).

Before you can create external IdP roles, you must create a permission profile. See Permission profiles.

Note

IdP roles are a limited beta feature.

To add an external user role:
  1. Select Users from the left-hand navigation menu. The Users page opens.
  2. Click Add New > External IdP User. The External IdP Role page opens.
  3. In the Role Name field, type the name of the role.
  4. (Optional) In the Description field, enter a description of the role.
  5. From the Permission Scope dropdown, select an asset folder.

  6. In the Permissions Profile dropdown, select a profile. The Permission Details assigned to the selected profile are displayed.

    Note

    If the SysAdmin profile is selected, a message will display instead of portal cards to denote that the user has full access to all portals.

  7. Click Add Role.

After the IAM user is created, the IAM user account holder is required to perform a validation check.

Managing external IdP roles

You can manage external IdP roles from the Users page, including enabling, disabling, and deleting users.

To delete a role:
  1. Select Users from the left-hand navigation menu. The Users page opens.
  2. Select a role from the list.
  3. Click Delete. The Delete Third Party IdP Role(s) dialog is displayed.
  4. Click Confirm.
To disable a role:
  1. Select Users from the left-hand navigation menu. The Users page opens.
  2. Select a role from the list.
  3. Click Disable. The Disable User Third Party IdP Role(s) dialog is displayed.
  4. Click Confirm.
To enable a role:
  1. Select Users from the left-hand navigation menu. The Users page opens.
  2. Double-click the disabled role. The Manage External IdP Roles > <name> pane opens.
  3. Click Edit.
  4. From the Status dropdown, select active.
  5. Click Update.
