Sending Azure entitlements to SailPoint ISC when using Azure SSO as service provider

Hi,
We are required to receive the user’s entitlements in Azure when the user authenticates in SailPoint ISC using Azure SSO.

We want Azure to send the entitlement information to ISC so that the same entitlements can then be viewed in the NERM tenant.

SailPoint has confirmed that the only entitlements NERM can see are those which are sent by the SSO configuration…

We require these entitlements in NERM to configure some directory-based rule…

Does anyone have any idea what changes are needed on the Azure side so that it can send the entitlement information every time a user logs in to ISC using Azure SSO?

All insights are welcome…

Thanks
Vaibhav

Hi,

I believe you have created an application for the SSO configuration. In that application in Azure, navigate to “Token Configuration” => “Groups Claim”. There you can select the groups to be sent to the SAML.

-Abhinov
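
To confirm that the groups claim from the reply above actually reaches the service provider, the decoded SAML assertion from a test login can be inspected. The following is an added example, not part of the original thread and not SailPoint or Microsoft code; the sample assertion and group object IDs are constructed and the function name is hypothetical. It also reports the overage case, where the group list is replaced by a `groups.link` claim because the user is in more groups than a SAML token carries.

```python
import xml.etree.ElementTree as ET

SAML_NS = "urn:oasis:names:tc:SAML:2.0:assertion"
GROUPS = "http://schemas.microsoft.com/ws/2008/06/identity/claims/groups"
GROUPS_LINK = "http://schemas.microsoft.com/claims/groups.link"

# Constructed sample: trimmed assertion with placeholder group object IDs.
SAMPLE = f"""<saml:Assertion xmlns:saml="{SAML_NS}">
  <saml:AttributeStatement>
    <saml:Attribute Name="{GROUPS}">
      <saml:AttributeValue>00000000-0000-0000-0000-000000000001</saml:AttributeValue>
      <saml:AttributeValue>00000000-0000-0000-0000-000000000002</saml:AttributeValue>
    </saml:Attribute>
  </saml:AttributeStatement>
</saml:Assertion>"""


def group_claims(xml_text):
    """Return (status, values) for the group claim in a decoded SAML document.

    Diagnostic only: performs no signature or condition validation, so use it
    on an assertion captured from your own test login, never to make an
    access decision.
    """
    root = ET.fromstring(xml_text)
    attrs = {}
    # iter() also finds attributes when the input is a full Response wrapper.
    for attr in root.iter(f"{{{SAML_NS}}}Attribute"):
        values = [v.text.strip()
                  for v in attr.findall(f"{{{SAML_NS}}}AttributeValue")
                  if v.text]
        attrs[attr.get("Name")] = values
    if attrs.get(GROUPS):
        return "groups", attrs[GROUPS]      # group list present in the token
    if GROUPS_LINK in attrs:
        return "overage", attrs[GROUPS_LINK]  # list omitted, link claim sent
    return "missing", []                    # groups claim not configured/sent


if __name__ == "__main__":
    status, values = group_claims(SAMPLE)
    print(status, values)
```

A `missing` result points back at the groups claim configuration of the SSO application; an `overage` result means the downstream system will not see the group list in the assertion itself.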