Gateway Config Permissions

Version 8.1.15

We are not able to use multiple roles to provide access to the Gateway Configuration page.

We have two user sources:

1. Contractor
   Role - Administrator
2. Customer
   Role - IGN_Administrator

The Customer user source has soft failover to the Contractor user source.

On the General Gateway Security Settings we have:

Designer Authentication Strategy: Classic

System User Source: Customer

Gateway Config Permissions: Authenticated/Roles/Administrator,Authenticated/Roles/IGN_Administrator

• User must belong to at least one of these

Users in the Contractor user source with the Administrator role can log into the gateway configuration page.

Users in the Customer user source with the IGN_Administrator role can NOT log into the gateway configuration page.

I have checked spelling a bunch of times,

Any pointers would be greatly appreciated.

This is probably an issue because of the fact that your default IdP is using the Contractor user source. What happens when you switch the user source for the IdP to the Customer user source?

We do not use the “default” IdP.

There is a Customer IdP that uses the Customer user source

In the gateway security settings the System Identity Provider is set to Customer.

What I find really odd is that the Administrator role is ONLY defined in the Contractor user source and the Contractor user source is never explicitly called out anyway.

Could you post what screen or error message you are seeing which leads you to this conclusion? This may help diagnose the issue.

Have you tried a Test Login against the Customer IdP to confirm whether your user who should have IGN_Administrator role actually has the role show up in the security level tree in the test login results page?

Login works now. We did not change anything, I suspect this was a bcac issue.