1. Create desired groups in the IdP

2. Assign the desired users to groups
Assign the relevant users to groups reflecting their roles and permissions.3. Configure the SAML SSO provider
Configure your SAML SSO provider to include agroups
attribute. This attribute should list all the groups you want to sync.

4. Map IdP groups to Datafold groups

datafold_admin
group, created in the IdP through step 1, will be automatically synced. Users in this IdP group will also be members of the corresponding group in Datafold.
Note: Manual Datafold user group memberships will be overridden upon the user’s next login to Datafold. Therefore, group memberships should be managed exclusively within the IdP once the groups
attribute is configured.
Example configuration
Here’s how you might configure three groups to map to the three default Datafold groups,admin
, default
and viewonly
:
