In this article, we will look at the concepts of businessUnitsAttribute and businessUnitsMapping, and how they play a crucial role in mapping user groups or departments to specific business units in IriusRisk.
The businessUnitsAttribute represents the SAML assertion attribute that holds the returned business unit data. By default, it is set:
The businessUnitsMapping configuration is where we establish the association between your IdP groups and specific business units in IriusRisk. By defining the mappings, it ensures that users who belong to certain groups in your IdP are automatically assigned to the corresponding business units in IriusRisk.
Example mapping showing Azure Group and IriusRisk Business Unit:
Example mapping showing OKTA Group and IriusRisk Business Unit:
If you wish to map users to business units between your IdP and IriusRisk, the businessUnitsAttribute and businessUnitsMapping configurations are fundamental elements.
They allow you to map user groups or departments to specific business units within IriusRisk, ensuring streamlined access control.
By configuring the businessUnitsAttribute to hold the relevant group or department information and defining the businessUnitsMapping to establish the connections between IdP groups and business units, you can seamlessly align user roles and responsibilities from Azure or Okta to IriusRisk, providing users with the appropriate access based on their assigned business unit.