If SCIM is enabled for you and the configuration for SSO is complete, network admins will have access to the User Provisioning tab in the Identity Provider setup page. Once the SCIM service has synced user groups into Kno2fy, network admins can map Organizations to user groups for access.
Prerequisites for mapping User Groups
Complete the Identity Provider Setup, the User Provisioning Setup, SYNC users and user groups.
All users synced through SCIM should be incorporated into groups. The groups should align to the organizations they will need access to. It is common practice to have a group for all the admins if they have the same access.
Expect to have one group for each collection of users in an organization should have at least one group of Organization admins.
Must have one group of Network Admins.
While the same set of users are possibly Organization Admins as well as Network Admins, the system requires a separate group be designated as Network Admins.
Mapping Network Admin Group
Log in as a Network Administrator and navigate to Settings > Identity Provider.
Select the User Provisioning tab. Confirm that User Groups and Users have been synced over from your Identity provider.
Select the Group Mapping tab. Map the Network Admin Group.
The group(s) designated to be the Network Admin will have access to Network Admin Configuration such as SSO & User Provisioning (SCIM) configuration. A user group that is designated as Network Admin will not be available in other group mapping options although the users in this group can have membership in other groups.
Type in the name of the user group to be designated as Network Admin Group and select Add.
Confirm the number of users in the group match the number of users in your IDP for that group.
Note that a Network Administrator role is separate and different from an Organization Administrator role. A user can be both.