19 Oct 2021 03:39 PM - edited 21 Oct 2021 01:55 PM
Fellow community members,
We would like to configure SSO with OpenID on a managed dynatrace instance. Authentication with OpenID works but we have difficulties with the user group mapping. We have checked the checkbox "Assign users to groups based on UserInfo response claim or ID Token claim". However, we are not sure how the mapping happens. We have not changed the values in the "User group attribute" and "User groups seperator" fields.
Do we have to change those values?
Do we have to create groups with identical names?
Your help is much appreciated!
Kind Regards,
Patrick
21 Oct 2021 01:57 PM
We now have found out, that our OpenID sends the groups in LDAP Distinguished Name format. This would mean that we would have to create groups with a name corresponding to the respective LDAP Distinguished Name, which is not really user friendly.