All Collections
SSO with SAML, OKTA and AzureAD
SAML, AzureAD, and OKTA Groups Support for Auto User Provisioning
SAML, AzureAD, and OKTA Groups Support for Auto User Provisioning

Assign groups to the users in Kendis based on their groups in AzureAD, OKTA and any other SAML provider

Kendis Team avatar
Written by Kendis Team
Updated over a week ago

Kendis offers the option to automatically assign the new users the groups that they have in their identity provider, e.g., AzureAD, OKTA, or any other SAML-based IDP.

Set up SAML Group ID in Kendis?

Follow these steps to configure the settings for the groups

  • Create one or more Kendis groups in Kendis (Super admins can create the group by going to settings)

  • On the group creation screen, type the name of the group

  • In the "External Group" reference field, provide the relevant group name that will come as SAML response.

  • In the case of OKTA, it can be an OKTA group name.

  • SPECIAL CASE: In the case of AzureAD, it must be a group "Object ID" reference.

Example of AzureAD Group Object ID

How it will work?

Once the SAML configuration is working properly and the user logs in at Kendis through SAML,

  • Kendis will check the groups' references sent in the SAML response.

  • Kendis will match the group name or ID in the SAML response with the "External Group Object" value in Kendis groups.

  • If the value matches, Kendis will automatically add the user to this group.

  • If the group is assigned to the "Board Collections" with a particular role then the user will get those roles automatically.

Did this answer your question?