Problem: Our enterprise uses id federation and recently purchased Tealeaf SaaS. Our on-prem user base is 6000+ users with all about a dozen requiring the "RegularUser" role. Manually adding/removing user access and permission levels is not easy to manage. It was confirmed that ID federation only authorizes, but does not manage permissions

Recommendation- Update IBM Id federation to authorize and set access levels to Tealeaf based on an organization's ADFS or LDAP systems. As an example, we have two AD groups we use on-prem to set user access levels. One is for admins and the other is for users. Establishing a relationship between these groups and Tealeaf roles will reduce the number of access control lists that need to be managed in large enterprises.