Map claims from an external IDP to roles in XProtect

On the external IDP site, the administrator must create claims consisting of a name and a value. Subsequently, the claim is mapped to a role in the VMS, and the user's privileges will be determined by the role.

1. From the Site Navigation pane in Management Client, expand the Security node and select Roles.

2. Select a role, select the External IDP tab, and select Add.

3. Select an external IDP and a claim name and enter a claim value.
   

   The claim name must be written exactly as the claim name coming from the external IDP.

4. Select OK.

If an external IDP is deleted, all users connected to the VMS via the external IDP are also deleted. All registered claims that are connected to the external IDP are removed and any mappings to roles are removed as well.