Showing results for 
Show  only  | Search instead for 
Did you mean: 

How do I map Group/users in Accounts Management Portal

New Poster

Just want to ask if the approach in mapping groups/users in appdynamics controller is the same in Account Portal?


I already configured the SAML federation and in azure.Then,  in Azure, I added a group and map in account portal for the SSO. However, users are still requires to to enter a password upon login. Is there something I missed? 



Hi @Randy.Manipon 


At this time, there is no grouping support for the Accounts SAML federation feature.  The current functionality is for identity authentication only.  Any user that is set to authenticate through the IDP that you have configured through the SAML federation function will be directed to your IDP for authentication.   This requires one of 2 things: 1) user is registered already in Accounts user management and set to be authenticated by your IDP or 2) user is "just in time" (JIT) provisioned into Accounts user management through the IDP initiated flow.    Once the user record is established in the Accounts user management listing, when they come to the Accounts pages or services of to login, they should get directed to your Azure IDP to authenticate.  


For reference, the documentation is here:


Over time, we do aim to provide improved JIT provisioning as well as attribute mapping support to enable access control from SAML attributes.  Look for some of those improvements later this year.


Does this help?