Configure how roles are managed for SSO

Manage the roles from the Identity Provider (e.g. OneLogin, Azure AD, ADFS, Okta, Google, SAML IdP) or keep the role management in Cheqroom

Written by Mateus Savaris
Updated over a year ago

The role management option lets you choose whether to manage roles from the Identity Provider (e.g. OneLogin, Azure AD, ADFS, Okta, Google, SAML IdP) or keep the role management in Cheqroom.

In some cases it’s useful to keep the role management in Cheqroom itself so there’s no need to contact your company's IT Administrator to change the role of specific user(s).

Option 1: Identity Provider (e.g. OneLogin, Azure AD, ADFS, Okta, Google, SAML IdP)

When roles are managed through the Identity Provider, the following logic is used:

New and existing users

The user's role will be updated on every login through SSO.

  • If the Identity Provider doesn’t return a role for the user, or returns an invalid role, the user will be assigned the default role.

    Any existing role the user already has assigned in Cheqroom will be overwritten.

  • If the Identity Provider does return a role for the user, that role will be assigned to the user.

Please check the list below to configure roles for a specific Identity Provider:

Option 2: Cheqroom

When roles are managed through Cheqroom, the following logic is used:

New users

New users first need to log in through SSO, and then you will be able to manage their roles.

Newly created users will be assigned the selected default role when they log in for the first time through SSO.

Existing users

You can immediately manage their roles in Cheqroom.

Remark: If you used the Identity Provider option previously, the role claim will always be ignored.

More information can be found in the "How can I modify the user role of any existing user?" help article.
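
The role logic of both options, modelled as an added example (not Cheqroom code) for checking which existing users would have their role overwritten before switching to Identity Provider management. The role names, the default role and the `User` fields are constructed placeholders, and an "invalid" role is assumed to mean a claim value outside the valid set.

```python
from dataclasses import dataclass
from typing import Optional

# Assumption: constructed placeholder role names, not Cheqroom's actual role list.
VALID_ROLES = {"role_admin", "role_operator", "role_viewer"}
DEFAULT_ROLE = "role_viewer"  # stands in for the default role selected for SSO

@dataclass
class User:
    name: str
    current_role: Optional[str]    # None = not yet created in Cheqroom
    idp_role_claim: Optional[str]  # None = IdP returns no role for this user

def role_after_login(user, managed_by):
    """Role a user holds after an SSO login; managed_by is 'idp' or 'cheqroom'."""
    if managed_by == "idp":
        # Option 1: evaluated on every login. A missing or invalid claim falls
        # back to the default role and overwrites any existing role.
        return user.idp_role_claim if user.idp_role_claim in VALID_ROLES else DEFAULT_ROLE
    if managed_by == "cheqroom":
        # Option 2: the role claim is ignored; only first-time users get the default.
        return DEFAULT_ROLE if user.current_role is None else user.current_role
    raise ValueError(f"unknown mode: {managed_by!r}")

def audit_switch_to_idp(users):
    """Return (name, old_role, new_role, reason) for existing users whose role changes."""
    changes = []
    for u in users:
        new = role_after_login(u, "idp")
        if u.current_role is None or new == u.current_role:
            continue
        reason = ("no role claim" if u.idp_role_claim is None
                  else "invalid role claim" if u.idp_role_claim not in VALID_ROLES
                  else "claim differs")
        changes.append((u.name, u.current_role, new, reason))
    return changes

# Constructed sample users, not real data.
SAMPLE = [
    User("alice", "role_admin", None),
    User("bob", "role_operator", "Operators"),   # value outside VALID_ROLES
    User("carol", "role_viewer", "role_admin"),
    User("dave", "role_operator", "role_operator"),
    User("erin", None, None),                    # first login still pending
]

if __name__ == "__main__":
    for row in audit_switch_to_idp(SAMPLE):
        print(row)
```

Rows with the reason "no role claim" or "invalid role claim" are the accounts that would be reset to the default role on their next SSO login under Option 1.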
