Hi all, I’ve gotten single-sign-on via SAML up and running, and also have the LDAP connection working as it should. I’m able to search for AD groups and assign a group to an organization in the IQ server, but for some reason a user who is member of that group has no access when logging in via SAML.
I’ve checked that the SAML claims are mapped correctly, but cannot get it to work. Assigning users to an organization works as expected however. Are there any common pitfalls I might have overlooked, or is it possible to configure the logging so that the groups coming from SAML are logged?