Skip to content

Commit

Permalink
Adding note to Entra ID
Browse files Browse the repository at this point in the history
  • Loading branch information
matthewshaver committed Dec 3, 2024
1 parent 75c062e commit 51a5b53
Showing 1 changed file with 7 additions and 0 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -61,6 +61,13 @@ Depending on your Microsoft Entra ID settings, your App Registration page might

### Azure <-> dbt Cloud User and Group mapping

:::important

There is a [limitation](https://learn.microsoft.com/en-us/entra/identity/hybrid/connect/how-to-connect-fed-group-claims#important-caveats-for-this-functionality) in the number of groups Azure will emit (capped at 150) via the SSO token, meaning if a user belongs to more than 150 groups, it will appear as though they belong to none. To prevent this, configure [group assignments](https://learn.microsoft.com/en-us/entra/identity/enterprise-apps/assign-user-or-group-access-portal?pivots=portal) with the dbt Cloud app in Azure and set a [group claim](https://learn.microsoft.com/en-us/entra/identity/hybrid/connect/how-to-connect-fed-group-claims#add-group-claims-to-tokens-for-saml-applications-using-sso-configuration) so Azure emits only the relevant groups.

:::


The Azure users and groups you will create in the following steps are mapped to groups created in dbt Cloud based on the group name. Reference the docs on [enterprise permissions](enterprise-permissions) for additional information on how users, groups, and permission sets are configured in dbt Cloud.

### Adding users to an Enterprise application
Expand Down

0 comments on commit 51a5b53

Please sign in to comment.