To reduce throttling and API limits, you can now use extra accounts or credentials during GIT and ADO restores.
CHANGELOG
🏠︎ HOME@ WEBSITE↘ FREE TRIAL✉︎ CONTACT SUPPORT

Group mapping

In this article you will learn how to configure group mapping for SAML authentication.

For IdP integration, Xopero ONE uses differentiated login levels (i.e., Admin, Backup Operator, Viewer, etc.). By default, single users are being authenticated with predefined permissions, based on the roles they are assigned. If you require multiple users to log in with consistent security policies, permissions, or access rights, you can implement group mapping.

The configuration process includes specifying two key parameters: claim type and claim value— for example, in Azure Active Directory, the following parameters refer to:

  1. Claim type - name of the custom claim defined for the application on the Azure AD side to identify the group. In this example, claim type value is set to xoperogroup.

  2. Claim value - a unique Azure AD group identifier (ID) to be mapped (not its name).

Azure AD group mapping
Group mapping configuration.

The only account not subject to group mapping permissions is the root admin— logging in using SAML with different group permissions doesn't change the root admin access level; user remains the root admin after signing in, and so do their root admin assigned permissions.

Last updated