Access MMG Using SAMLRealm

6.6.2 Access MMG Using SAMLRealm

This section provides information on managing users who can access MMG with Identity Provider (IdP or IDP). The IdP acts as the Single Sign-On (SSO) service provider for implementations between MMG, and Compliance Studio. This configuration prevents separate login for each application. An Identity Provider (IdP) is a service that stores and verifies user identity. IdPs are cloud-hosted services, and they often work with single sign-on (SSO) providers to authenticate users. An Identity Provider (IdP or IDP) stores and manages users' digital identities. An IdP checks user identities via username-password combinations and other factors, or it may simply provide a list of user identities that another Service Provider (like an SSO) checks. The following are the ready-to-use roles that can access MMG using SAMLRealm. To integrate MMG with IdP as the SSO Provider, follow these steps:

Create the following roles in the IDP System:
For STSA:
- IDNTYAUTH
- MDLUSR
- MDLREV
- MDLAPPR
- PMFADMIN
- WKSPADMIN
- DSUSRGRP
- SIMULATIONUSR
- AYCFGADMIN AY_CFG
- PORTFOLIOADMIN
- PROJECTADMIN
- SCENARIOADMIN
- METRICSADMIN
- PROCESSADMIN
- VARIABLEADMIN
- CONFIGADMIN
For MMG:
- IDNTYADMN
- IDNTYAUTH
- MDLREV
- MDLAPPR
- MDLBATCHUSR
- WKSPADMIN
- MDLUSR
- DSUSRGRP
- DSREDACTGRP
- GRPADMIN
- GRPUSR
Note:
IDNTYADMN role is required only if you need the Admin Access.
Map the user groups to the respective user based on the user roles. The default permissions mapped to these users are available in the Permission section. However, these permissions can be added or modified.

Note:
It is recommended to use AAIRealm or SAMLRealm.