I have set up a IdP (simplesamlphp.org) with a User with the following attributes:
'email' => 'firstname.lastname@example.org'
'User.fullname' => 'User 1'
'User.roles' => array('admin')
And have setup elasticsearch's SAML setting:
However, as far as I understood, I still have to create a role mapping that will map, for example, the group
admin to the role
How can I avoid this step?
More context: The roles and permissions are managed externally (we use custom realms for this purpose). I just need that Elasticsearch resolves the permissions using the roles defined in the IdP without the need to have the association
Group -> Role for each role possble.