Identity Provider Vision

When I set my Identity provider as the logon source in ignition for my vision clients how do I use the security levels for security on the screen. In order to enable/disable buttons etc. I used to use the Roles in the user source, but now I want to be able to use the Security Levels.

Vision does not support security levels in a first-class way. Vision’s access control model is based on roles and security zones. When you authenticate into Vision using an Identity Provider, the security levels are converted into roles and zones from the Authenticated/Roles/... and SecurityZones/... security levels, respectively. As long as you have your Roles user attribute mapper configured correctly for your IdP, you should be able to use roles and zones in Vision.

Thanks for that info. I can’t find great documentation for how to set up that User attribute mapping. Everything looks like it needs to parse the response document but my security levels are set up in the user grants section. Is there a way to set up the role mapping based off the Security Zones?