Hello
Are there any roadmap items to expose User Groups to APIs? We are looking into locking down app entry to only execute the app if a user is part of an associated user group. It would be great if we can integrate adding and removing of people from User Groups via APIs.
Hello John, do you currently have User Groups connected to SAML SSO? If yes, I am wondering how you would think about the power struggle between our SAML mapping into User Groups v. updating with an API- in other words, how to determine which user group mappings to honor?
Hey Kevin,
We do. This is where we become unstuck. We pass over one group over a SAML connection which maps the user to a role and to one group. We have an issue where Tulip currently cannot manage multiple groups coming over as one string “group1, group2, etc”. If we could do this then SAML could set the groups.
If we can use an API to manage user groups then we could look at having two provisioning settings:
To manage the user group, passing over one group through SAML.
An integration with our account management solution to add users to user groups based on selected app roles.