Console Login
Docs / Identity / Role Mapping

Role Mapping

Map identity provider roles to Gvner capabilities and approval requirements.

Identity GovernanceSSO SetupApprovals

What this covers

Role registry

Define internal roles with explicit capabilities.

External mapping

Map IdP roles to Gvner roles deterministically.

How to use

1. Define internal roles

Register roles with explicit capability sets.

2. Map external roles

Map IdP roles to Gvner roles.

3. Simulate access

Validate expected capabilities in preview.

4. Approve mapping

Apply change with approval trail.

5. Export registry

Export role mapping snapshot.

Console pages

Role mapping

Manage role definitions and mappings.

Identity ledger

Review mapping evidence entries.

Key API endpoints

POST /identity/role-map — Register a role + capabilities
POST /identity/role-map — Map external role to internal role
GET /identity/roles — List current mappings

Evidence outputs

Role mapping registry snapshot
Identity ledger entries for mapping changes