Importing Roles or Groups from your Identity Provider

env0 Teams can be synced with your Identity Provider's (IdP) roles or groups.

For example, in Okta , when configuring the "Group Attribute Statements", this setting will determine which groups will get synced into env0 and mapped to env0 Teams.

How does this work?

Whenever a user logs in, env0 will create an env0 Team based on the user's group membership.
The env0 Team can then be assigned a env0 Project Role in the Project Settings. Whenever a new user logs in, if the env0 Team already exists, the user will be added as a member to the Team, and thus have the same Project Roles based on previous assignments.

Whenever a user is removed from a group, their team membership is also updated to help reflect their membership status.

Note: A user's team membership is only updated upon logging into env0.


Did this page help you?