Configure the IDE Authentication Mode

Important! To configure security using Authentication providers mode, the System Platform IDE user must be a member of the aaConfigTools group on the local IDE node.

1. On the Galaxy menu, click Configure and then click Security. The Configure Security dialog box appears.

   

2. Select Authentication providers mode.

3. Switch to the Roles tab.

4. Enter the Azure AD group name or select it from the dropdown list, then click the + button.

   The AIM Security providers (e.g., Azure AD) are available in a dropdown (e.g., list of Azure domains). You can select a provider from the dropdown list instead of entering the name.

5. Once you have selected a provider, the available groups from the provider are listed.

   • A role always contains only one group.

   • You can use multi-select for adding groups. Adding multiple groups creates multiple roles.

   • A role name is always the same as the group name and cannot be changed.

   • Users in the added groups are automatically members of the roles that are created.

   • OS Groups are irrelevant in the context of Authentication Provider security.

   • All users that form part of the hierarchy below the added group will automatically have the role assigned, whether they are members of the top-level group or of any of the sub-level groups.

6. Switch to the Users tab.

   • The Users tab lists all users as authorized by their memberships within their assigned roles.

   • To see the roles assigned to a user, select the user.

   • You cannot add or delete users in the Users tab when the Authentication mode is set to Authentication providers.

   • Users cannot have their Roles added or removed. For details, see "Assigning Users to Roles" in the Application Server User Guide.