You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This is a customer request, which might be a useful addition to our functionality.
The customer has an Azure AD, which could be federated with our cognito platform. However, users still need to be invited via emails to receive roles in Lizard/3Di. Azure AD also has the option to only allow certain user groups to use a particular app client. In that case the customer would be able to control who is allowed to log into lizard via their Azure AD.
In a way, the customer is able to control authorization (in a simple yes/no fashion). What nens-auth-client needs to add, is automatically assign a preset role to everyone who authenticates from the customer's identity provider.
This is a customer request, which might be a useful addition to our functionality.
The customer has an Azure AD, which could be federated with our cognito platform. However, users still need to be invited via emails to receive roles in Lizard/3Di. Azure AD also has the option to only allow certain user groups to use a particular app client. In that case the customer would be able to control who is allowed to log into lizard via their Azure AD.
In a way, the customer is able to control authorization (in a simple yes/no fashion). What nens-auth-client needs to add, is automatically assign a preset role to everyone who authenticates from the customer's identity provider.
Setting would be something like:
The permissions JSON field (
{"client-org-id": [<roles>]}) is also used in the Invitation model so it is not new.What do you think @reinout of this?
The text was updated successfully, but these errors were encountered: