Skip to content
Percona Documentation

For help, click the link below to get free database assistance or contact our experts for personalized support.

Get help from Percona

Streamlining RBAC with enhanced IdP group integration

Give Percona Everest a go by following our Quickstart guide.

Starting with Percona Everest 1.5.0, you can now assign RBAC policies to user groups obtained from the external IDP. This enhancement simplifies permissions management for external users without the need for unique sub IDs. To use IdP groups in Percona Everest RBAC, you must set up the groups claim in your IdP provider configuration.

Configure your Identity Provider (IdP) to provide the user’s groups claim by following our documentation.

To retrieve the IdP groups, you need to include the groups scope by specifying the following fields:

everestctl settings oidc configure --issuer-url=http://url.com --client-id=<your-app-client-id> --scopes openid,profile,email,groups

Learn more in Percona Everest 1.5.0 release notes.