Did You Know? Pharos Cloud already supports Single Sign-On (SSO), which lets your users sign in using their existing company credentials. Now, administrators can take this a step further. Using Group Mapping, you can manage which users have which admin roles directly from your identity provider (IdP) — such as Microsoft Entra ID — rather than configuring access manually inside Pharos Cloud.
What's New
With the new Group Mapping feature, Pharos Cloud links your IdP groups to roles within the platform. Once configured, user permissions are automatically assigned — and revoked — based on group membership in your IdP. No more managing individuals one by one inside Pharos Cloud.
How it Works
Group Mapping works in three straightforward steps:
- Users and groups are synced from your IdP into Pharos Cloud using SCIM provisioning.
- An administrator creates a Group Mapping that connects an IdP group to a Pharos Cloud role.
- When a user signs in via SSO, Pharos Cloud checks their group membership and grants the appropriate role automatically.
Example: If your Entra ID group "Company-IT-Admins" is mapped to the IT Administrator role in Pharos Cloud, every member of that group automatically receives that access when they sign in. If a user is removed from the IdP group, their access is revoked immediately — no manual cleanup required.
Benefits of Using Group Mapping
Centralized Access Control | Manage all user roles from one place — your IdP — instead of juggling settings across multiple systems. |
Automatic Provisioning | When someone joins or leaves a team in your IdP, their Pharos Cloud access updates instantly — no manual steps needed. |
Reduced Security Risk | Immediate access revocation when a user is removed from an IdP group means no lingering admin accounts. |
Consistent Role Assignment | Group-based rules eliminate human error from individual access configuration, keeping permissions predictable and auditable. |
Ready to Get Started?
Visit our Group Mapping documentation for more information