Automatic User mapping#
Argus can be set up to automatically map new users based on the claims
in the ID-token from the ID-provider.
This way, users can be managed by the ID provider, and role-based
permissions may be managed only on the group level.
Requirements#
The provider is set up with mapping for the
"name
,email
andgroups
claimsThe
groups
claim must resolve to a claim with an array of group names, which the user is member of. These are referred to as “external group names”.External group which corresponds to groups defined in Argus must be mapped explicitly using the external group name, as they appear in the “groups” claim.
A new user will only be mapped if he/she is member of at least one mapped group
Mapping groups#
curl -XPOST -H"Argus-API-Key: my/api/key" https://api.mnemonic.no/authentication/v1/openid/provider/myprovider/groupmappings -d
{
"argusGroup": "customer-soc-group",
"externalGroupName": "SOC-Users"
}