Skip to content

[feature] Allow SAMLLabelRule to handle updating roles #1201

New issue
New issue
Closed
#1837
Closed
[feature] Allow SAMLLabelRule to handle updating roles#1201
#1837
Assignees
Unix4ever
@alongwill

Description

@alongwill
alongwill
opened on May 12, 2025

Problem Description

SAMLLabelRules do not currently support changing the user's role in the identity provider (e.g. Active Directory).

https://omni.siderolabs.com/how-to-guides/using-saml-with-omni/auto-assign-roles-to-saml-users

This role assignment will only work for the new users logging in with SAML.

If the user's role in the identity provider is changed, then the user has to be deleted from Omni and recreated in order to pick up the correct role.

Solution

Can this functionality be updated to handle changes to a user's role in the identity provider? i.e. so the user does not have to be deleted and recreated.

Alternative Solutions

No response

Notes

This was raised by a customer. (Ref 502)

Metadata

Metadata

Assignees

Labels

No labels
No labels

Type

No type

Projects

Planning

Status

Done

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions