Incorporate Authorization information maintained outside of Mendix

We have an existing application  which needs some additional modules, and we are considering using Mendix for them. The same users would access both the Mendix App and the existing App screens. Currently Authentication/Authorization is handled through a common facility that supports SAML based authentication. All the user roles and permissions are stored in that facility and transmitted to the applications and the applications enforce the permissions when the controlled resources are accessed from the screen etc. Is there a way we could continue to use the same roles/permissions defined externally in the Mendix application?  
1 answers

Hi Guru,

In short: yes. You would use the SAML module in the Mendix app store to achieve the SSO functionality you need. In that module, you can configure both authentication and authorization. For Authorization, you can configure a microflow to read any assertions provided in the SAML message, and then use that information to configure your user with the correct Mendix user roles. The authorization check runs for each user login, so you can continue to maintain this data in your external system.