IriusRisk can integrate with SAML and allow the exiting users of the idp provider, to login the application. The IriusRisk roles that the user will have can be mapped with the groups on the provider, to manage the permissions in IriusRisk from the provider.
However, although IriusRisk supports the integration with about 4000 groups per user on platforms like Keycloak, that number could be limited depending the provider.
You can find those limits and its related documentation bellow:
The number of groups emitted in a token is limited to 150 for SAML assertions and 200 for JWT, including nested group
The number of group names that can be included in the SAML response is limited to 75
There is no documented limit on the number of groups that a user can be assigned in Okta. The only limit applies when you assign users to groups, or exclude them from a group via a group rule. You can assign a user to a maximum of 100 groups via a group rule