How to map Liferay site roles with Azure AD
written-by
Rishabh Agrawal
How To articles are not official guidelines or officially supported documentation. They are community-contributed content and may not always reflect the latest updates to Liferay DXP. We welcome your feedback to improve How To articles!
While we make every effort to ensure this Knowledge Base is accurate, it may not always reflect the most recent updates or official guidelines.We appreciate your understanding and encourage you to reach out with any feedback or concerns.
legacy-article
learn-legacy-article-disclaimer-text
Issue
- How to map Liferay site roles to Azure AD roles when configuring SAML?
- For example, if there is a role called Content Author under site roles, how to configure this role in Azure AD?
Environment
- Liferay DXP [all versions]
Resolution
- As per the compatibility matrix, Liferay DXP Self hosted Integrated Technologies Compatibility Matrix, Microsoft Azure is not supported as an Identity Provider (IdP), therefore, the support provided with this current integration is limited.
- The supported IdPs are ADFS, Liferay DXP, Liferay Portal EE, Okta, OpenAM 13+, PingFederate, Shibboleth, and Siteminder.
- However, direct role mapping between Liferay site roles and Azure AD roles is not supported when using SAML.
- Users can achieve similar functionality by mapping Azure AD groups to Liferay user groups and then assigning these groups to site roles.
did-this-article-resolve-your-issue