Cheqroom

Manage the user roles from the Identity Provider (e.g. OneLogin, Azure AD, ADFS, Okta, Google, SAML IdP) or keep the user role management in Cheqroom.

In some cases it’s useful to keep the role management in Cheqroom itself so there’s no need to contact your company's IT Administrator to change the role of specific user(s).

___________________________________________________________

Option 1: Identity Provider (e.g. OneLogin, Azure AD, ADFS, Okta, Google, SAML IdP)

When managing roles through the Identity Provider (IdP), the following logic applies to new and existing users:

If the IdP doesn’t return a role, the user will be assigned the default role. Any existing role previously assigned in Cheqroom will be overwritten.

If the IdP does return a role, that role will be assigned to the user.

Any existing role previously assigned in Cheqroom will be overwritten.

- If the IdP doesn’t return a role, the user will be assigned the default role. Any existing role previously assigned in Cheqroom will be overwritten.
- If the IdP does return a role, that role will be assigned to the user.
 Any existing role previously assigned in Cheqroom will be overwritten.

The role will be updated on every login through SSO

When managing roles through the IdP, you’ll get an overview of all possible roles that can be assigned via SSO:

Copy the role values you wish to use in your IdP.

Refer to the links below for detailed instructions on configuring roles for specific IdP’s:

- <a href="https://help.cheqroom.com/en/articles/10471657-configuring-sso-with-microsoft-entra-id-azure-ad#h_07b9234b91">Configuring User Roles with Azure AD</a>
- <a href="https://help.cheqroom.com/en/articles/10478818-configuring-sso-with-adfs#h_51b2cf2cdb">Configuring User Roles with ADFS</a>
- <a href="https://help.cheqroom.com/en/articles/10471598-configuring-sso-with-onelogin#h_af279dbe0f">Configuring User Roles with OneLogin</a>
- <a href="https://help.cheqroom.com/en/articles/10478745-configuring-sso-with-okta#h_3a073b9f11">Configuring User Roles with Okta</a>
- <a href="https://help.cheqroom.com/en/articles/10471750-configuring-sso-with-google#h_c0a1bd2406">Configuring User Roles with Google</a>

1. Copy the role values you wish to use in your IdP.
2. Refer to the links below for detailed instructions on configuring roles for specific IdP’s:
 - <a href="https://help.cheqroom.com/en/articles/10471657-configuring-sso-with-microsoft-entra-id-azure-ad#h_07b9234b91">Configuring User Roles with Azure AD</a>
 - <a href="https://help.cheqroom.com/en/articles/10478818-configuring-sso-with-adfs#h_51b2cf2cdb">Configuring User Roles with ADFS</a>
 - <a href="https://help.cheqroom.com/en/articles/10471598-configuring-sso-with-onelogin#h_af279dbe0f">Configuring User Roles with OneLogin</a>
 - <a href="https://help.cheqroom.com/en/articles/10478745-configuring-sso-with-okta#h_3a073b9f11">Configuring User Roles with Okta</a>
 - <a href="https://help.cheqroom.com/en/articles/10471750-configuring-sso-with-google#h_c0a1bd2406">Configuring User Roles with Google</a>

When roles are managed through Cheqroom, the following logic applies:

New users first need to login through SSO and then you will be able to manage their roles.

Newly created users will be assigned the default role when they log in for the first time through SSO.

You can immediately manage their roles in Cheqroom

- New users
 New users first need to login through SSO and then you will be able to manage their roles.
 Newly created users will be assigned the default role when they log in for the first time through SSO.
- Existing users
 You can immediately manage their roles in Cheqroom

If you previously used the Identity Provider option, the role claim will always be ignored

Option 1: Identity Provider (e.g. OneLogin, Azure AD, ADFS, Okta, Google, SAML IdP)

Option 2: Cheqroom