My end goal is to restrict View Permissions to certain IdP roles in certain Security Zones. I have created custom Security Levels to match up with IdP roles. The intuitive way to do that is configuring these View Permissions:
I think my problem is that although these role-based Security Levels do seem to be granted to users on login:
- Authenticated/Roles/Administrator
- Authenticated/Roles/Operator
the zone-specific levels (e.g., Authenticated/Roles/Administrator/Zone 1) are not automatically granted. I have read these articles in the user manual:
It seems I cannot create custom Security Level Rules for the zone-specific levels under each role either:
How do I get these security levels granted when a user satisfies both the role and zone conditions? Is there a better way to do this?