Problem
Given a Tikit admin accessing Security settings.
When the admin attempts to add a new mapped role for an AAD Security or Universal group.
Then the group is not an available option in the “Provider role/username to be mapped” field.
Solution
Tikit keeps a list of what we call known provider roles, basically the Tikit users and their group membership, that is used for mapping app roles.
To resolve a missing group in Security, add the group as a known provider role by associating it with a Tikit user.
To resolve a missing group in Security, add the group as a known provider role by associating it with a Tikit user.
The simplest path to add a security group as an option to Security is:
- In AAD, add an existing Tikit analyst as a member to the security group.
- Sign in to the Tikit web app as the analyst with a new session to refresh their group membership
Note that you can either clear the browser cache (recommended) or use https://app.tikit.ai/api/force-oidc to force a fresh sign-in prompt. - The group will then be available as a provider role option in Security for mapping.
At this point you could remove the analyst from the group and the known provider role entry will still be available for onboarding new users later.