Mapping external roles
Configuring an external SSO connection alone does not deliver a consistent user experience across the enterprise. Users need their roles retained in both SSO systems. To maintain role integrity, map their external roles in Access Manager. Role mapping becomes an available option after you add an external SSO configuration.
To map an external role
- From the Access Manager Configure SSO tab, select the name of the external SSO configuration.
- Select the Role Mapping tab, and then click Add.
Enter an external role, and then select an equivalent Access Manager role.
- When you finish entering external roles and mapping their corresponding Access Manager roles, click Save.
To edit external role mappings
- From the Configure SSO tab, select the name of the external SSO configuration that contains the role mappings that you want to modify.
- Select the Role Mapping tab, and then click Edit.
- Complete the changes to the external roles:
- To change an external role name, highlight the current role name, and then type the new role name in its place.
- To add or remove role mappings, select or clear the appropriate check boxes.
- Click Save.
To delete external role mappings
- From the Configure SSO tab, select the name of the external SSO configuration that contains the role mappings you want to delete.
- Click the Role Mapping tab.
- Select the external role that you want to remove; then click Delete.
- Click Save.
Related topics
Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*