To Map Roles between Trusted Providers

The following procedure describes how the service provider configures this type of role policy for novell.com, mapping the N_Employee role to an Access Manager role:

  1. Click Policies > Policies > New.

  2. Select Identity Server: Roles for the type, then click OK.

  3. Configure the role policy as shown in the following image:

     [Figure: Role activation from trusted provider]

  4. In the Conditions section, click New > Roles from Identity Provider.

  5. Select the trusted identity provider.

  6. For Comparison, select String > Equals.

  7. Select Value > Data Entry Field.

  8. Type the name of the role used by the trusted identity provider.

  9. Under the Actions section, click Activate Role.

  10. Type the name of the role you want to activate at the trusted service provider.

  11. Click OK.

  12. On the Policies page, click Apply Changes.

  13. To enable the role so that it can be used in Authorization and Identity Injection policies, click Identity Servers > Servers > Edit > Roles.

  14. Select the check box next to the name of the role, then click Enable.

  15. Click OK.

  16. Update Identity Server.
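
The following Python sketch is an added example, not Access Manager code. It models the policy built in this procedure so that the effect of each setting can be checked. The local role name Employee, the provider name partner.example, and the treatment of String > Equals as a case-sensitive match are assumptions made for illustration.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class RoleMappingPolicy:
    """Model of one Identity Server: Roles policy built in steps 4-10."""
    trusted_idp: str   # step 5: the selected trusted identity provider
    remote_role: str   # step 8: role name used by that provider
    local_role: str    # step 10: role activated at the service provider


def activate_roles(policies, asserting_idp, asserted_roles, enabled_roles):
    """Return the local roles activated for one federated login.

    A policy fires only when the roles come from its own trusted provider
    and one of them equals remote_role exactly (String > Equals, modelled
    here as case-sensitive). The activated role is returned only if it
    was enabled on the Identity Server (steps 13-14).
    """
    activated = set()
    for p in policies:
        if asserting_idp != p.trusted_idp:
            continue  # role sent by a different provider: ignore it
        if p.remote_role in asserted_roles and p.local_role in enabled_roles:
            activated.add(p.local_role)
    return activated


# Constructed sample data; "Employee" and "partner.example" are assumed names.
POLICIES = [RoleMappingPolicy("novell.com", "N_Employee", "Employee")]
ENABLED = {"Employee"}

if __name__ == "__main__":
    cases = [
        ("novell.com", {"N_Employee"}),       # exact match from trusted IdP
        ("novell.com", {"n_employee"}),       # differs in case: no match
        ("partner.example", {"N_Employee"}),  # right name, wrong provider
    ]
    for idp, roles in cases:
        result = activate_roles(POLICIES, idp, roles, ENABLED)
        print(idp, sorted(roles), "->", sorted(result))
```

In this model, a role name that matches but arrives from a provider other than the one selected in step 5 activates nothing, and a mapped role that was never enabled in steps 13 and 14 is not available to Authorization or Identity Injection policies.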