Permissions roles not showing up

Im trying to add some view permissions, but no roles are showing up!
Eventho i definitly have some, it is working to make some buttons invisible, but i also want to add in view security…
I also so no roles for adding permission to scripts

version: 8.1.7 (b2021060314)

Hi @victordcq, have you created the roles in the default IdP?

yes as seen in the second screen shot,
i can add roles to my users jsut fine

That’s the User Source, you also need to create them in the IdP: Security Levels - Ignition User Manual 8.1 - Ignition Documentation

1 Like

ahh i have not checked those

alright this works :smiley:
im not sure why these are seperated tho

1 Like

Yeah, it’s a bit of a faff mapping it all, but a small price to pay to leverage the power of 3rd party IdP’s.

If you add ‘Administrator’, ‘test2’, etc. (I believe its is case sensitive) to the Roles level it should directly map to your User Source.

You can also create custom security levels and hierarchy’s, but these need to be mapped using the security level rules. This can get complicated very quickly though depending on your security methodology (but it is very powerful).

The User Source is primarily used in Vision and a Classic authentication strategy. It is what Ignition natively understands. IdP’s were added in 8.x so that you can use external identity providers, but there needs to be a way for Ignition to interpret the responses for these (as each provider can be different), so you need to configure both sides. Admittedly, it doesn’t make much sense when using Ignition’s internal provider, but it does when you start using 3rd party IdP’s.

Edit: if you get a chance to play, you can get a 14 day free trial from Okta to test with a 3rd party IdP. This is what gave me the eureka moment. Also, the Ignition manuals have examples specifically for Okta, so setup is reasonably straight forward.

1 Like

Ahh yea that makes sense i suppose, might be nice to have a button that automatically maps the usersource with the security levels tho.

I dont think our company will use an exteral idp’s any time soon^^ But i will check it out if i have time for it

1 Like