on 2024 Sep 06 1:22 PM
Dear Gurus.
We are going to use Microsoft Entra as Corporate Identity Provider for access to BTP Subaccount and application. There are 2 points that need clarification.
1) How exactly we can create a role provisioning from Microsoft Entra to specific BTP subaccount?
2) When one user has different roles in different subaccounts. How the provision will distinguish between them?
I mean the same use Subaccount admin in the development subaccount and viewer only on production one?
Thank you.
Regards
Vladimir
Maybe it would be enough to allow shadow user creation and assign the Role Collection by mapping the Group provided via the Assertion.
But if shadow user creation should not be active you could define a Identity Authentication source system that only transfers user match the filter defined in the ias.group.filter property. This source system should be the one used in the target system SAP BTP XS Advanced UAA (Cloud Foundry).
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
75 | |
10 | |
10 | |
10 | |
10 | |
9 | |
8 | |
7 | |
5 | |
5 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.