Hub IAM role not working for users from third party identity provider

Hub IAM role not working for users from third party identity provider

457
Created On 09/18/24 17:17 PM - Last Modified 10/21/25 22:22 PM


Question


Why the user is unable to access the application assigned in the Hub IAM?

Environment


Hub
Identity & Access Management

Answer


- The Hub IAM will honor the role assigned to the user in the 3rd party IdP if the user was registered after a login through the federation configured.
- If the role is manually changed in the Hub IAM, it will still honor the role assigned in the IdP side and probably won't work as expected. If this is the case, the customer just needs to assign the appropriate role on the IdP side and it will be enforced when the user login to the Hub and application granted access.
Other users also viewed:
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u000000scnOCAQ&lang=en_US&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail

Choose Language