Kendis offers the option to automatically assign the new users the groups that they have in their identity provider, e.g., AzureAD, OKTA, or any other SAML-based IDP.
Set up SAML Group ID in Kendis?
Follow these steps to configure the settings for the groups
- Create one or more Kendis groups in Kendis (Super admins can create the group by going to settings)
- On the group creation screen, type the name of the group
- In the "External Group" reference field, provide the relevant group name that will come as SAML response.
- In the case of OKTA, it can be an OKTA group name.
- SPECIAL CASE: In the case of AzureAD, it must be a group "Object ID" reference.
Example of AzureAD Group Object ID
How it will work?
Once the SAML configuration is working properly and the user logs in at Kendis through SAML,
- Kendis will check the groups' references sent in the SAML response.
- Kendis will match the group name or ID in the SAML response with the "External Group Object" value in Kendis groups.
- If the value matches, Kendis will automatically add the user to this group.
- If the group is assigned to the "Board Collections" with a particular role then the user will get those roles automatically.