How to Manage Groups via SSO
Automatically manage your CloudZero User Groups by enabling SSO management to ensure users are always in the correct group(s). Once you set up your identity provider to send groups to CloudZero, CloudZero will look for existing User Groups with a matching name and sync the appropriate users to those groups. Note: any groups without a matching name will be ignored.
OpenIDConnect
The groups claim is often a new scope in OpenIDConnect. None of our existing OpenIDConnect integrations in Auth0 currently ask for this claim.
In order for customers to send us this claim:
- Go to the SSO Integration page, scroll to step 4 and check the box 'Enable SSO for Groups'
Okta with Authorization Servers
While in the Authorization Servers settings:
-
Select default
-
Select Claims
-
Add a claim for groups
Azure
- Go to the SSO Integration page, scroll to step 4 and check the box 'Enable SSO for Groups'
SAML
- Go to the SSO Integration page, scroll to step 4 and check the box 'Enable SSO for Groups'
Updated 5 months ago