Explore documentation
  1. Welcome to Uptime 👋
  2. Frequently Asked Questions
  3. Monitoring
    1. Get started with monitoring
    2. Working with monitors
    3. Customizing monitors
    4. Monitor types
  4. On-call scheduling and alerting
    1. Get started with on-call
    2. Sending alerts to Slack ↗
    3. Connecting external calendars
    4. Advanced on-call setup
  5. Incidents
    1. Working with incidents
    2. Create incidents manually
    3. Post mortems
    4. Incident silencing
    5. Incident metadata
  6. Status pages
    1. Get started with status pages
    2. Working with status pages
  7. Integrations
    1. Integrating with Better Stack
      1. Slack
      2. Microsoft Teams
      3. iOS & Android mobile apps
      4. iOS & Android phone call alerts
      5. On-call routing number
      6. Datadog
      7. New Relic
      8. Prometheus
      9. Zabbix
      10. AWS CloudWatch
      11. Google Cloud
      12. Webhooks
      13. Okta SSO
        1. SCIM Provisioning
        2. Dynamic RBAC Assignments
      14. Jira
      15. Zapier
      16. Terraform
  8. Team and account management
    1. Team management
    2. Account settings
    3. Audit logs
  9. API
    1. Get started with API
  10. Monitors API
    1. Monitors
    2. Monitor groups
    3. Heartbeats
    4. Heartbeat groups
  11. On-call & Incidents API
    1. On-call calendar
    2. Escalation policies
    3. Severities
    4. Incidents
    5. Comments
  12. Integrations API
    1. New Relic Integrations
    2. Datadog Integrations
    3. AWS CloudWatch Integrations
    4. Azure Integrations
    5. Google Monitoring Integrations
    6. Grafana Integrations
    7. Prometheus Integrations
    8. Email integrations
    9. Incoming webhooks
    10. Slack Integrations
    11. Splunk On-Call integrations
    12. PagerDuty Integrations
  13. Status pages API
    1. Status pages
    2. Status page sections
    3. Status page resources
    4. Status page reports
    5. Status page report updates
  14. Other API
    1. Metadata

Dynamic RBAC Assignments

We will guide you through the process of setting up dynamic group-to-role mappings for automatic Role-Based access control (RBAC) provisioning.

Prerequisites

Before proceeding, ensure you have completed the initial setup for SSO and SCIM provisioning as outlined in our Okta SSO & SCIM Provisioning.

Configuring Okta Groups for Better Stack Roles

Create Okta groups that match the Better Stack roles. Users in these Okta groups will automatically receive corresponding roles in Better Stack when provisioned via SCIM.

Supported Roles in Better Stack:

  • Admin
  • Billing Admin
  • Team Lead
  • Responder
  • Member

You can find a full overview of the permissions per role in the Roles & Permission settings.

Steps in Okta Administration:

  1. For each role in Better Stack, ensure there is a corresponding group in Okta with the exact same name. For example, if you'd like to create users with Admin access rights, your group should be named Admin.

  2. Place users into the appropriate Okta groups based on their intended roles in Better Stack.

  3. Once you have all the users in the group, then go to the Applications -> Better Stack -> Assignments -> Assign -> Assign to Groups -> Find created group & Assign.

  4. In the Better Stack app, go to Push Groups -> + Push Groups -> Find groups by name -> Select group -> Save.

And that's it! You should now see your newly created group in Better Stack Teams, along with all the members assigned.

Rename the group in Okta

Once you push all the users in, feel free to rename the group in Okta - the already assigned roles will be kept.

Previous article

Okta SSO & SCIM Provisioning

Next article

Create an incident