With automated user management, your users and groups in your identity provider (like OneLogin or Okta) are synchronized with New Relic.
How groups work
When using automated user management, you create groups of users in your identity provider service. Later, on the New Relic side, you'll assign groups access to roles and accounts.
An example of how the user groups in your identity provider might map over to New Relic group access (a group having access to a specific role on one or more accounts).
In the above example, let's focus on the Engineers group. Via SCIM, New Relic will receive the two user records as well as the information that they belong to the Engineers group. In this example, the configuration would be: the two Engineer users have the Read only role on Account 1, the Standard user role on Account 2, and the All product admin role on Account 3.
This access is granted by assigning several roles and accounts to the Engineers group in New Relic:
- Assign the role Read only to the group Engineers on Account 1
- Assign the role Standard user to the group Engineers on Account 2
- Assign the role All product admin to the group Engineers on Account 3
To learn more about how user access works, see User management concepts.
For tutorials on creating new groups and custom roles, see User management tutorials.