Manage user roles from the Identity Provider (e.g. OneLogin, Azure AD, ADFS, Okta, Google, SAML IdP) or keep the user role management in Cheqroom.
In some cases it’s useful to keep the role management in Cheqroom itself so there’s no need to contact your company's IT Administrator to change the role of specific user(s).
Option 1: Identity Provider (e.g. OneLogin, Azure AD, ADFS, Okta, Google, SAML IdP)
When managing roles through the Identity Provider (IdP), the following logic applies to new and existing users:
-
If the IdP doesn’t return a role, the user will be assigned the default role.
Any existing role previously assigned in Cheqroom will be overwritten.
-
If the IdP does return a role, that role will be assigned to the user.
Any existing role previously assigned in Cheqroom will be overwritten.
When managing roles through the IdP, you’ll get an overview of all possible roles that can be assigned via SSO:
-
Copy the role values you wish to use in your IdP.
-
Refer to the links below for detailed instructions on configuring roles for specific IdP’s:
Option 2: Cheqroom
When roles are managed through Cheqroom, the following logic applies:
-
New users
Newly created users will be assigned the default role when they log in for the first time through SSO.
-
Existing users
You can immediately manage their roles in Cheqroom