security login external-role-mapping modify
Suggest changes
PDFs
Modify a external role mapping
Availability: This command is available to cluster administrators at the admin privilege level.
Description
This command modifies a configured mapping between an external IDP (Identity Provider) role and an ONTAP role.
Parameters
-external-role <text>- External Role Name-
Identifies the external role mapping that is being modified.
-provider {basic|keycloak|auth0|adfs|entra}- Provider Type-
Identifies the IDP provider associated with the external role mapping being modified.
[-ontap-role <text>]- Ontap Role Name-
The new ONTAP role to which the external role should be mapped. This should be a role defined within ONTAP. For example 'admin'.
[-comment <text>]- Comment-
Optionally, new comments or notes related to the external role mapping can be specified here.
Examples
This command modifies an external role mapping for the external role "Administrator" from the IDP provider "entra" to the ONTAP role "readonly". The comment 'Modified role mapping' provides additional context for this mapping.
cluster1::> security login external-role-mapping modify -external-role Administrator -provider entra -ontap-role readonly -comment "Modified role mapping"