pdp idp

Description

Operations related to SAML-based authentication.

Syntax

pdp idp groups <options>

Parameters

Parameter

Description

groups <options>

Shows and configures the consolidation of external groups with the fetched groups.

The available <options> are:

Configure the authorization behavior for user groups:

pdp idp groups set {only | prefer | union | ignore}

only - Considers only groups the Identity Provider sends. Ignore groups received from configured User Directories.
prefer -Prefers groups the Identity Provider sends. Considers groups received from configured User Directories only if the Identity Provider sends no group. This is the default.
union - Considers both groups received from configured User Directories and groups the Identity Provider sends.
ignore - Considers only groups received from configured User Directories. Ignores groups the Identity Provider sends.

Shows the configured behavior:

pdp idp groups status