How can we help?

SSO: How do I provision users with specific roles?

You can configure your identity provider to send `role` and `customRole` attributes when the team member is signing into LaunchDarkly.

`role` is an optional attribute, which represents a built-in LaunchDarkly role. It must be one of reader, writer, admin. If unspecified, the default role is reader.

`customRole` is another optional attribute. It must be a list of keys for custom roles to give to the team member. These will replace the member’s existing custom roles. If a member has any custom roles, they will supersede the built-in role.

https://docs.launchdarkly.com/docs/single-sign-on#section-user-provisioning-via-sso

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request