Managing external identities to enable secure access for partners, customers, and other non-employees
Group assignment during OIDC Federation
We have a federation with an OIDC IdP from Entra External, and the federation is working fine; users are created in the Entra External tenant as members. Once the federation is successful, we have SAML SSO enabled for an Entra enterprise application. During the SAML SSO, the application checks for role assignments through Entra group assignment.
SSO fails during the very first login because users are not assigned to any security groups, and SSO works fine after users are assigned to groups, which adds the required roles.
We need to know if there is any way to assign group memberships to users during federation, when the users are created.