Managing users by group
PingOne groups correspond to groups in the user repository associated with your identity bridge. When a user signs on (SSO), their group information from the identity bridge is matched to a corresponding PingOne group. This enables you to authorize user access to cloud applications based on their group membership.
When you authorize applications for a group, those applications displayed in the PingOne dock for all members of the group and are available only to the group members. Any applications that you do not assign to a group are available to all users, but aren’t displayed in the PingOne dock. Instead, users can SSO to these applications using the SSO URL assigned to the application.
You cannot use the Active Directory group Domain Users for provisioning users. |