In order for SSO authenticated users to gain the appropriate permissions within Orca, the users must be assigned to a user group on both:
- the identity provider system (IDP)
- the Orca Portal
In this article, we explain how to create these groups and assign the desired permissions.
SSO Identity provider console
We'll use 'Okta' as the identity provider example for this article.
First, make sure the user is assigned to a group or groups on the identity provider side. If this isn't already configured please do so before proceeding to the Orca Portal setup.
1. Press the 'Settings' button on the bottom left above the Avatar
2. Choose 'Users & Permissions' and then navigate to the 'Groups' tab.
3. On the upper-right corner, select 'Create group'.
4. Enter the group name as it appears on the Identity provider (case sensitive), and check the 'SSO group' box.
Tip: User's group associations are mapped to the
5. Press the dotted vertical line on the new group icon that will be created and add the desired permissions.
6. That's it! Now the desired permissions are assigned to the group you created and SSO is enforced on login.
Please reach out to firstname.lastname@example.org with any further questions.