To Map AD FS Claims to Roles in MYOB Acumatica

After you have enabled Microsoft Active Directory Federation Services (AD FS) integration, you need to map AD FS claims to user roles defined in MYOB Acumatica by using the User Roles (SM201005) form. Claims configured in To Configure AD FS Claims transfer domain groups to MYOB Acumatica to associate them with user roles. Do the following:

  1. Open the User Roles (SM201005) form.
  2. In the Summary area, in the Role Name box, select the MYOB Acumatica user role you want to associate with a domain group (or with multiple groups).
  3. On the Claims tab, click Add Row.
    Note: The Claims tab appears on this form if the integration of MYOB Acumatica with AD FS has been enabled in the web.config file, as described in To Enable AD FS Integration with MYOB Acumatica.
  4. In the Group column, type the name of the domain group that you want to associate with the role in the following format: <Domain_Name>\<Group_Name>.
    Note: If you have configured claims that transfer other parameters to MYOB Acumatica, you need to specify the values of these parameters in the Group column.
  5. On the form toolbar, click Save.
  6. Repeat Steps 2 through 5 for every role that should be mapped.
After you have mapped AD FS claims with user roles in MYOB Acumatica you can assign specific roles for a particular domain user, as described in To Set Up Role Assignment for Domain Users or enable silent logon with Azure AD to use the Azure AD service as the default identity provider, as described in To Enable Silent Logon.