Non-Employee Risk Management - System User Roles are removed on Initial user login

Just to clarify the whole flow and summarize (somewhat) what is said above.

By default NERM is set up to have ISC as the identity provider (IDP), which enables any user in ISC to log in to NERM. This also means that this setting will automatically update any role assignment in NERM. Mainly this is done so that ISC admins are treated as NERM admins and, as such, can set up both systems properly.

If you want to change that behaviour and manually apply this access (and keep it that way), you will have to toggle this switch (see this screenshot posted above); otherwise NERM will revert to the SAML assertion as part of the NERM-ISC link through the IDP.

This also means that you can then set up ISC to provision the access towards NERM using the NERM Users connector (see this screenshot posted above).

If you do neither, NERM will continue its default behaviour; if you do only one of the two suggestions (connector / toggle), the system will not have proper access management either.