Feature Request: SAML Group Mappings

Hey there! We just setup SAML Auth to login into Zammad. Everything works fine, except one bug while linking existing accounts. (see SAML and LDAP is not working in one setup which is exactly the same a working setup - #2 by senbax).

However it would be awesome to add a SAML Mapping to directly assign users to groups.

Hi! We’ve encountered a similar problem with SAML and group/role mappings. We’ve therefore implemented some code to synchronize the roles provided by SAML in the Role field (which must be set up manually) with the roles that are available in Zammad so that a user always has the exact matching roles. It’s also optional and off by default, so no one is forced to change something. The (not yet 100% ready) code is at GitHub - giz-berlin/zammad at feature/get-roles-from-saml. With role mapping, a mapping to groups should also be possible. Would this be useful?