Identity Provider Permissions
How to specify the Identity Provider Permissions.
Starting from BigFix Platform Version 11 Patch 2, you can use Microsoft Entra ID as Identity Provider in BigFix and you can manage both Microsoft Entra ID users and groups using Web Reports.
Scenario 1: Creating a specific Web Reports operator from an Azure user
Prerequisites to satisfy before running this scenario:
- The application has been registered in Microsoft Entra ID.
- The identity provider has been successfully added to BigFix.
Perform these steps:
- Add the user to the application in the Azure portal. You can either add the user individually or add a group that the user belongs to.
- Create the Web Reports operator as follows:
- Go to the ”Identity provider Permissions" section.
- Select the identity provider.
- Locate and select the user from the previously added tenant.
- Assign the desired roles to the new operator. The Admin operator can assign them.
- The new operator account is now ready to be used.
Scenario 2: Creating Web Reports operators from an Azure group
Prerequisites to satisfy before running this scenario:
- The application has been registered in Microsoft Entra ID.
- The identity provider has been successfully added to BigFix.
Perform these steps:
- Add the group to the application in the Azure portal.
- Assign the role to the identity provider group as follows:
- Go to the ”Identity provider Permissions" section.
- Select the identity provider.
- Locate and select the group from the previously added tenant.
- Assign the role to the group.
Note:
- Initially, no operator account is created.
- When an Azure user from the added group logs in for the first time, a Web Reports operator account associated with that user will be automatically created. This account will inherit the permissions assigned to the group in step 3.