This tip comes from the Knowledge sharing challenge.
Manage user permissions with Dynatrace SSO
We found a very simple way to manage our users' permissions with Dynatrace SSO. We have approximately 300 active users on Dynatrace and we are able to link the required permissions for each user automatically according to the user's group.
This allowed us to ensure that all new users automatically receive their required permissions.
For each user profile I have (there are 5 in total) I have a group associated with the user in Active Directory.
During the SSO process, I inform Dynatrace of the attribute he will use to match the permissions on the Dynatrace side.
So, automatically, all users who need to access Dynatrace automatically already have a permission set because the attribute is found in their identity in Active Directory, which is the base where my SSO reads their permissions. (IDP).