Add a user to a role (SAML)

This topic describes how to add a SAML user or group to a role.

SAML users use one of the following sign-in methods: SAML user or SAML group.

To add a user to a role (SAML)

On the left, click Security > RBAC.
Click the Roles tab.
Click on the role name, then click on the Users tab.
From the Sign-in type list, select the sign-in method SAML user or SAML group.
Enter the user or the group name that you want to add.
For example, nbuadmin@my.host.com.
If your Identity Provider (IDP) returns group information in the format of (CN=groupname, DC=domainname) or domainname\groupname, you should add the group using the format groupname@domainname. However, it is also possible to configure SAML Groups in Role-Based Access Control (RBAC) without including the domain name. If your IDP returns group names without domain information, you can add those groups as plain text. Please note that using the email format is not mandatory for SAML groups.
Click Add to list.
Users that are assigned to the role must sign out and sign in again before each user's permissions are updated.