Role Mapping¶

Based on the added SSO configuration, after enabling role mapping, you can dynamically assign access permissions to employees. Employees will access TrueWatch based on their assigned role permissions.

Add Mapping¶

1. Go to Manage > Member Management > SSO Management > Role Mapping.
2. Click Add Mapping to start creating a new mapping relationship.
3. Identity Provider: You can select all identity providers within the current workspace.
4. Define Attribute Field and Attribute Value: The configured attribute field and attribute value must match the configuration in the Identity Provider (IdP) account for successful verification and granting of corresponding role permissions.
5. Select a role for authorization.

Manage Mapping¶

You can manage mapping rules through the following operations:

• Search and Filter: Support searching mapping relationships by role, attribute field, and attribute value, and can filter by identity provider.
• Edit: You can modify already configured mapping relationships. If an SSO login user does not match any role, they will be stripped of all roles and cannot log in to the TrueWatch console.
• Delete: Directly or batch delete mapping relationships. After deletion, users who do not match any role will be stripped of all roles and cannot log in to the TrueWatch console.