Group Module Mapping
- This mapping is related to the groups created using the contrib module - Group. Using this feature you can map roles/groups received from your Identity Provider to your existing groups in Drupal during SSO. Based on the group attributes in the SAML response, users are automatically added to the corresponding Drupal groups at login, ensuring proper access control and group-based permissions without manual assignment.
Prerequisite:
- Ensure that the Group module is installed on your Drupal site.
Configuration steps:
- Go to the Mapping tab then click the Edit button for your desired IdP.
- Then, expand the Group Mapping section and check the box for Enable Group Mapping.
- Check the Keep existing groups checkbox if you want to keep the user's existing groups as they are and do not want the groups to be updated.
- Enter the attribute name in the Group Attribute text box to map it to an existing Drupal group.
- Now, select the Drupal group from the dropdown that you have created.
- Then, in the Server Group Name/ID text field, enter the value of the attribute that you entered above. You can add multiple values, separating them with ; (semicolon).
- Then, click the Save button.
Example:
- Let's consider an example where the Identity Provider (IdP) sends the attribute memberOf in the SAML response during SSO. Our goal is to automatically add users to the appropriate Drupal group based on this attribute.
- In the configuration, we set up the following mapping:
- Group Attribute Name: memberOf
- Drupal Group: Drupal Developers
- Server Group Name/ID: developers (value of Group Attribute)
- With this setup, when a user logs in via SSO and the SAML response contains memberOf = developers, the user is automatically added to the Drupal Developers group in Drupal. If the attribute value does not match, the user will not be added to that group.
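The matching described in this example, sketched as an added illustration (not code from the module or from the original page). It assumes exact, case-sensitive comparison and a multi-valued memberOf attribute; the sample assertion, the second mapping row and the function names are constructed for the illustration.

```python
import xml.etree.ElementTree as ET

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}

# Constructed sample: attribute statement of an assertion that is assumed to
# have already passed signature validation at the service provider.
SAMPLE_ASSERTION = """\
<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
  <saml:AttributeStatement>
    <saml:Attribute Name="memberOf">
      <saml:AttributeValue>developers</saml:AttributeValue>
      <saml:AttributeValue>qa-team</saml:AttributeValue>
    </saml:Attribute>
  </saml:AttributeStatement>
</saml:Assertion>"""

# Drupal group -> contents of the "Server Group Name/ID" field.
# First row is the page's example; second row is hypothetical and shows
# several values separated by ';'.
GROUP_MAPPING = {
    "Drupal Developers": "developers",
    "Drupal Editors": "editors; content-team",
}


def attribute_values(assertion_xml, attr_name):
    """Return every value the IdP sent for attr_name (may be multi-valued)."""
    root = ET.fromstring(assertion_xml)
    values = set()
    for attr in root.iterfind(".//saml:Attribute", NS):
        if attr.get("Name") == attr_name:
            for value in attr.iterfind("saml:AttributeValue", NS):
                values.add((value.text or "").strip())
    return values


def groups_to_add(assertion_xml, attr_name, mapping):
    """Return the Drupal groups whose configured values match the response."""
    received = attribute_values(assertion_xml, attr_name)
    matched = []
    for drupal_group, field in mapping.items():
        configured = {v.strip() for v in field.split(";") if v.strip()}
        # Assumption: whole-string, case-sensitive match; "developer" does
        # not satisfy a mapping configured as "developers".
        if configured & received:
            matched.append(drupal_group)
    return sorted(matched)
```

A value the IdP sends that no mapping row lists (qa-team in the sample) grants no group, which is the behaviour to confirm when auditing who can reach group-restricted content.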