
How to Map Identity Provider Roles in the IGEL UMS Web App

If you assign an Identity Provider (IdP) role to a user group in the IGEL Universal Management Suite (UMS), you can use this mapping to control permissions.

When a user logs in via Single Sign-On (SSO) and their IdP role matches the mapped role, they are automatically added to the corresponding UMS user group. The user then receives all permissions assigned to that group.

You can also map IdP roles in the UMS Console; see Administrator Accounts in the IGEL UMS.


Prerequisites

Permission Requirement

The Identity Provider tab is only visible for users with the Administrator accounts permission.

Mapping the IdP Roles

To map the roles created in your IdP to user groups in your UMS:

  1. Go to User Management > Identity Provider Roles.

  2. Click Create.

  3. Under IDP Role name, add the value of the role configured in your IdP.

     IdP role names are case-sensitive, so the value should be exactly the same as in your IdP client.

  4. Select the groups to which the IdP role should be assigned.

  5. Save the IdP role.

The new IdP role is listed under Identity Provider Roles. You can manage the role either by selecting it from the list or by navigating to it in the structure tree.
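Because role names are compared case-sensitively, a mapping that differs from the IdP role only in capitalization leaves the user outside the intended group without any error. The following check is an added example, not IGEL code: it models the match as an exact string comparison (an assumption drawn from the case-sensitivity note above), and all role names, group names and function names are constructed for illustration.

```python
# Added example: pre-flight check for IdP role mappings.
# Assumption: a role matches only if the strings are identical.

def resolve_groups(token_roles, mappings):
    """Return the UMS groups a login would receive under exact matching."""
    groups = set()
    for role in token_roles:
        groups.update(mappings.get(role, ()))
    return groups


def near_misses(token_roles, mappings):
    """Return (token_role, mapped_name) pairs that match only after
    trimming whitespace and folding case, i.e. likely typos in the mapping."""
    def norm(name):
        return name.strip().casefold()

    by_norm = {}
    for mapped in mappings:
        by_norm.setdefault(norm(mapped), []).append(mapped)

    findings = []
    for role in token_roles:
        if role in mappings:
            continue  # exact match, nothing to report
        for mapped in by_norm.get(norm(role), []):
            findings.append((role, mapped))
    return sorted(findings)


# Constructed sample: value entered under "IDP Role name" -> assigned groups
MAPPINGS = {
    "ums-admins": ["UMS Administrators"],
    "Helpdesk": ["Helpdesk Operators"],
    "UMS-ReadOnly": ["Auditors"],
}
# Constructed sample: roles delivered by the IdP for one SSO login
TOKEN_ROLES = ["ums-admins", "helpdesk", "ums-readonly"]

if __name__ == "__main__":
    print("groups granted:", sorted(resolve_groups(TOKEN_ROLES, MAPPINGS)))
    for role, mapped in near_misses(TOKEN_ROLES, MAPPINGS):
        print(f"no match: IdP role {role!r} vs mapped name {mapped!r}")
```

Any pair reported by near_misses points to a mapping whose name should be corrected to the exact value used in the IdP.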
