Roles to groups | Voters

Roles to groups

Oz Giat

Currently, you cannot assign roles to SSO groups. This means that whenever a new user is logging in, you need to assign it the roles.

Having the possibility to assign roles to groups will enable us to manage user permissions on groups level through the SSO.

Created by Omri Gez

December 5, 2023

Mark Tarry

I've also encountered this problem, we have a dedicated Entra security group for those who should be granted admin access to Port.

I've not tested this, but a Port automation could theoretically work around this:

Trigger:
ENTITY_CREATED
for the
_user
blueprint
Condition: check for user entity being a member of specific teams

- That is, assuming you've synced teams/groups from the SSO Identity Provider

Invocation method: Update the
_user
entity to adjust roles

Scott Munro

+1 At present we can have a mismatch between what a users AD group and their port permissions are after gaining access if an admin changes it in Port.