If your organization has a local role with the same name as the role you're pushing from your identity provider, a new, separate role with the same name will be created in your Modern Treasury organization. The newly created directory synced role will have a lock symbol.
Directory synced role names are unique - this is enforced by your identity provider.
Once SCIM and directory sync is configured for Modern Treasury, updates to roles must be done in your identity provider. You will not be able to edit role name, description, or users for any roles (directory synced or local).
Delete roles with caution
Deleting roles will also affect the role's associated approval rules and notification groups. This applies to both directory synced and local roles.
Approval rules for Payments, External Accounts, and Cases require review from assigned roles. Deleting or de-provisioning a role will have the following effect:
- For approval rules requiring approval from only the deleted role, the rule will be automatically deleted.
- For approval rules requiring approval from more than just the deleted role, the rule will not be deleted but the deleted role will be removed from the approvers list.
Deleted roles will be automatically removed from notification groups.
Once you have set up directory sync, we recommend deleting local roles that are not managed by your identity provider.
Before deleting local roles with a directory synced copy, add the directory synced role to the local role's approval rules and notification groups.
To delete a local role, go into the role's edit view and click on the
Delete Role button at the bottom of the page. Confirm the deletion in the modal.
Updated 4 months ago