After Microsoft Entra sign-in is connected, role mapping determines what access a user receives when they join or sign in to your organization.
How role assignment works
Divorcepath supports two broad approaches:
- Default role: new users receive one standard organization role when they authenticate successfully
- Role mappings: Entra groups or other mapped sources are translated into Divorcepath organization roles
When to use a default role
A default role is useful when your pilot group is small, your organization has a simple access model, or you want all initial users to start with the same baseline permissions.
When to require role mapping
Enable required role mapping when users should only receive access if they belong to an approved Entra group or mapped identity source. This is the safer option when your organization has multiple permission levels or stricter access controls.
Recommended setup steps
- Set the default role carefully. Choose the lowest role that still makes sense for broad access, especially during early testing.
- Decide whether role mapping should be required. If yes, create mappings before wider rollout so users are not blocked unexpectedly.
- Map Entra groups to organization roles. Review group names and expected team responsibilities before saving the mappings.
- Test with pilot accounts. Confirm that users in each mapped group receive the correct access inside Divorcepath.
What success looks like
- New users land with the right role on first sign-in
- Users without an approved mapping are blocked if role mapping is required
- Admin access is granted only to the groups your organization intends to trust
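One way to check a planned configuration against pilot accounts before rollout, as an added example that is not Divorcepath's own code. The role names, the group names, and the rules that a mapped role overrides the default and that the highest mapped role wins are assumptions; the sample data is constructed.

```python
# Added example: an offline model of the role decision described on this page.
# ASSUMPTIONS: role names, and "highest mapped role wins" when several groups match.
ROLE_RANK = {"viewer": 0, "member": 1, "admin": 2}  # hypothetical role names

def resolve_role(user_groups, mappings, default_role, require_mapping):
    """Return the role a user would receive, or None if sign-in is blocked."""
    matched = [mappings[g] for g in user_groups if g in mappings]
    if matched:
        return max(matched, key=ROLE_RANK.__getitem__)
    if require_mapping:
        return None  # no approved mapping: access is denied
    return default_role

def audit(pilots, mappings, default_role, require_mapping, trusted_admin_groups):
    """Compare expected and resolved roles for pilot accounts; return findings."""
    findings = []
    # Admin must come only from groups the organization intends to trust.
    for group, role in mappings.items():
        if role == "admin" and group not in trusted_admin_groups:
            findings.append(f"mapping: {group} grants admin but is not a trusted admin group")
    resolved = {}
    for name, (groups, expected) in pilots.items():
        got = resolve_role(groups, mappings, default_role, require_mapping)
        resolved[name] = got
        if got != expected:
            findings.append(f"{name}: expected {expected}, resolved {got}")
    # Symptom from "Common issues": every pilot ends up with one role.
    if len(pilots) > 1 and len(set(resolved.values())) == 1:
        findings.append("all pilot accounts resolved to the same role")
    return findings

# Constructed sample data: group names and pilot accounts are placeholders.
MAPPINGS = {"grp-legal-admins": "admin", "grp-paralegals": "member", "grp-all-staff": "admin"}
PILOTS = {
    "alice": ({"grp-legal-admins"}, "admin"),
    "bob": ({"grp-paralegals", "grp-all-staff"}, "member"),
    "carol": (set(), None),  # no approved group: expected to be blocked
}

if __name__ == "__main__":
    for finding in audit(PILOTS, MAPPINGS, "viewer", True, {"grp-legal-admins"}):
        print(finding)
```

Here the broad `grp-all-staff` mapping is flagged twice: once as an untrusted source of admin, and once because it lifts `bob` above the role expected for him.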
Common issues
- Everyone gets the same role: review whether the default role is still enabled and whether mappings are actually required
- Users cannot sign in after Entra setup: confirm their domain is allowed and that a required role mapping exists
- Too much access: reduce the default role and move more users to explicit group mappings
Best practice
For larger organizations, start with a controlled pilot using explicit role mappings, then broaden access once you have confirmed the mapping logic and support flow.