Skip to main content

Editing SAML Mappings in IriusRisk

Matthew McAlister
  • Updated

Introduction

In this support article, we will guide you through the process of editing SAML mappings to accommodate changes in your organization's structure or responsibilities.

Use Cases

Adding or Removing a Group or Role

  1. Adding a Group or Role:

    • When you create a new team or department, you may need to establish a new group in your IdP.
    • You should then map this new group to a role in IriusRisk.

  2. Removing a Group or Role:

    • If you dissolve a team or department, you may remove the corresponding group from your IdP.
    • In turn, you may then need to remove the mapping for that group from the IriusRisk SSO configuration.

Changing the Mapping Between a Group and a Role

  1. Changing Responsibilities:
    • If the responsibilities of a team or department change, you may need to map them to a different role in IriusRisk.

Instructions for SaaS Customers

For SaaS customers, making changes to SAML mappings requires opening a support ticket and providing context on the change you wish to make. Please follow these steps:

  1. Open a Support Ticket:

    • Contact our support team and provide detailed information about the SAML mapping changes you need.

  2. Share New Mappings:

    • Clearly specify which groups from your IdP should map to which roles in IriusRisk.
    • When sharing the new mappings, use the following format:
      'Your_IDP_group':'IRIUSRISK_ROLE_1', 'Your_IDP_group':'IRIUSRISK_ROLE_2'

  3. Pre-create IriusRisk Roles (Optional):

    • If you are wanting to map an IdP group to a new IriusRisk role, ensure that you have created the role in the IriusRisk user interface (UI).

Instructions for On-Premise Customers

For On-Premise customers, you have direct control over your SAML configuration. Follow these steps to edit SAML mapping:

  1. Locate the SAML Configuration File:

    • Access your SAML configuration file from the command line interface (CLI). Per our SAML integration guide, this file should be named SAMLv2-config.groovy.

  2. Edit the Groovy File:

    • Using an editor of your choice, open the SAMLv2-config.groovy file.
    • Make the necessary changes in the SAMLv2-config.groovy file. For example, this may be changing the role assignment mapping in the userGroupToRoleMapping section, or setting a different defaultRole.

  3. Save Your Changes:

    • Save the edited SAMLv2-config.groovy file.

  4. Restart Docker Stack:

    • To apply the changes, restart your Docker stack using the following commands:
       
      docker-compose down docker-compose up -d

If you encounter any issues or have further questions, please reach out to our support team for assistance.

 

Conclusion

Remember that maintaining accurate SAML mappings is crucial for seamless Single Sign-On integration with IriusRisk. Keep your mappings up to date to ensure a smooth user experience for your organization.

Related articles

Comments

0 comments

Please sign in to leave a comment.

Powered by Zendesk