Group Sync

Important: To enable group sync, you must have the Administrative privileges in your organization’s identity provider and one of the following Flexera One roles: Manage organization or Administer organization. For complete descriptions of each role available in Flexera One, see Flexera One Roles.

Organizations with Just-in-Time (JIT) provisioning enabled may enable group sync to automate permission management in Flexera One. Users must be organized into groups in the IdP, based on the permission they should have in Flexera One. When group sync is enabled, Flexera One accepts a list of groups sent by the IdP and adds the user to those Flexera One groups. These groups have pre-configured permissions in Flexera One. Once added to the appropriate groups, users automatically have the permissions setup for those pre-configured Flexera One groups.

This information is broken into the following sub-sections:

•

Administration Setup of Group Sync

•

Passing Groups Memberships in the SAML 2.0 Assertion