Learn about Redwood and be one of the first to join the conversation

Visit Redwood Community
Is it possible to provision Azure AD group/users automatically to Cloud Services Application Role? — Cloud Customer Connect
You're almost there! Please answer a few more questions for access to the Applications content. Complete registration
Interested in joining? Complete your registration by providing Areas of Interest here. Register

Is it possible to provision Azure AD group/users automatically to Cloud Services Application Role?

Question
1
Views
0
Comments

Summary:

We are working on a project to move Planning on-prem (11.1.2.3) to EPM Cloud (IDCS 21.4.38-2112191315, PBCS 21.12.71). We are looking at having SSO, user and group provisioning integrated from Azure AD to IDCS/PBCS. Our integration partner is working on it but there seems to be an issue.


Content (required):

In IDCS, groups from Azure Group are received (with their users).

In IDCS, users from Azure Users are received (with their groups).


However, it appears that when assigning an Azure AD group (found in IDCS) to an IDCS Cloud Services Application Role, users of the Azure AD group do not get any access. Users of an IDCS group (not coming from Azure AD) do get access. In order for a user coming from an Azure AD group to have access to application, user needs to be assigned manually in IDCS to the application role or user needs to be assigned manually in IDCS to an IDCS group (group not coming from Azure AD).

Howdy, Stranger!

Log In

To view full details, sign in.

Register

Don't have an account? Click here to get started!