GuidesAPI Reference

How to Manage Groups via SSO

Suggest Edits

Automatically manage your CloudZero User Groups by enabling SSO management to ensure users are always in the correct group(s). Once you set up your identity provider to send groups to CloudZero, CloudZero will look for existing User Groups with a matching name and sync the appropriate users to those groups. Note: any groups without a matching name will be ignored.

OpenIDConnect

The groups claim is often a new scope in OpenIDConnect. None of our existing OpenIDConnect integrations in Auth0 currently ask for this claim.

In order for customers to send us this claim:

  1. Go to the SSO Integration page, scroll to step 4 and check the box 'Enable SSO for Groups'

Okta with Authorization Servers

While in the Authorization Servers settings:

  1. Select default

  2. Select Claims

  3. Add a claim for groups

edit-claims-okta

claims-table

Azure

  1. Go to the SSO Integration page, scroll to step 4 and check the box 'Enable SSO for Groups'

SAML

  1. Go to the SSO Integration page, scroll to step 4 and check the box 'Enable SSO for Groups'

Updated 16 days ago