Mapping user roles when integrating SSO with a SAML 2.0 IdP

Article ID: 257543

Products

Email Security.cloud

Issue/Introduction

After enabling SSO, customers are unable to pass the security roles from their IdP to the ClientNet portal.

Environment

Release: 10.8.0

Cause

Federated role mapping and federated login were not activated in the ClientNet portal.

Resolution

Enforce at login cannot be enabled until these steps are completed:

  • Enable Federated login only for ClientNet.
  • Enter and save a valid IdP code for this customer.
  • The IdP roles for this user (login name) must include the Manage Users permission.