With automated user management (AUM), your users and groups in your identity provider (like OneLogin or Okta) are synchronized with New Relic.
When using automated user management, all group administration happens in your identity provider. If your existing groups logically map to access in New Relic, we recommend sending your existing groups. This makes providing and changing access to New Relic from your identity provider easy.
An example of how the user groups in your identity provider might map over to access grants in New Relic, which assign a group access to a specific role (default or customer) on a specific account.
In the above example, let’s focus on the Engineers group. Via SCIM, New Relic will receive the two user records as well as the information that they belong to the Engineers group. In this example, the configuration would be: the two Engineer users have the Read only role on Account 1, the Standard user role on Account 2, and the All product admin role on Account 3.
This access is given by creating three access grants in New Relic:
- Access grant assigning the role Read only to the group Engineers on Account 1
- Access grant assigning the role Standard user to the group Engineers on Account 2
- Access grant assigning the role All product admin to the group Engineers on Account 3
To learn more about how access grants work, see User management concepts.
For tutorials on creating new groups and custom roles, see User management tutorials.
If you need more help, check out these support and learning resources:
- Browse the Explorers Hub to get help from the community and join in discussions.
- Find answers on our sites and learn how to use our support portal.
- Run New Relic Diagnostics, our troubleshooting tool for Linux, Windows, and macOS.
- Review New Relic's data security and licenses documentation.