To assign users to specific groups in Podbean based on their Microsoft Azure Entra ID group memberships when using SSO, follow these steps:
Before setting up SSO groups, ensure that:
1. You have successfully configured SSO login in both Microsoft Azure Entra ID and Podbean.
2. SSO login is functioning correctly.
Note: If you haven’t configured SSO login yet, please follow this guide to set up Microsoft Azure Entra Single Sign-On (SSO) integration with Podbean first.
Steps to Enable Group Assignment Through SSO
1. Log into Microsoft Azure Entra ID
Access the Microsoft Azure Entra ID portal.
2. Navigate to Enterprise Applications
From the left menu, go to Manage > Enterprise Applications.
3. Select the Podbean Application
Under the list of applications, click Podbean.
4. Access SAML Settings
On the Podbean Application page, go to Manage > Single sign-on, then click SAML.
5. Edit Attributes & Claims
On the Set up Single Sign-On with SAML page, scroll to Step 2: Attributes & Claims, and click Edit.
6. Add a Group Claim and Configure Group Claims
On the Attributes & Claims page, click Add a group claim. A Group Claims configuration panel will appear on the right. In the Group Claims panel:
- Which groups associated with the user should be returned in the claims?
Choose All groups or another option based on your needs.
Advanced Options:
Check Customize the name of the group claim.
In the Name (required) field, enter groups.
7. Save and Test
Save your changes. When users log in to Podbean via SSO, the system will automatically:
- Create groups in Podbean corresponding to the group IDs passed from Microsoft Azure Entra ID.
- Assign users to their respective groups in Podbean.
By following this setup, you can streamline group management between Microsoft Entra ID and Podbean, ensuring users are assigned to the appropriate roles automatically.
Notes:
- If a user was previously assigned to a group in Podbean but their Microsoft Entra ID login does not include that group, they will not be removed from the group in Podbean.
- Ensure that group configurations in Microsoft Entra ID are kept up-to-date for accurate user assignments.