K2cloud Identity and Role Federation
This section provides an overview of how K2cloud integrates with customer-managed Identity Providers (IdPs) such as Microsoft Entra ID, Okta, PingFederate, and other SAML-compliant platforms through the K2cloud CyberArk Identity Federation Service. It explains how Single Sign-On (SSO) is enabled, how metadata, domains, and group information are exchanged, and how customer-managed security groups are mapped to Fabric roles.
The section also describes K2cloud’s layered Role-Based Access Control (RBAC) model, which governs access at the cloud (project) and space levels and extends to Test Data Management (TDM) environments. The section outlines the creation and mapping of roles and permissions, and illustrates how access can be restricted to specific spaces or environments while deployment rights are delegated to authorized groups.
By centralizing authentication and authorization in the customer’s IdP and enforcing least-privilege access through Fabric, K2cloud provides a secure, flexible framework for aligning access management with enterprise identity policies, supporting both day-to-day operations and advanced TDM workflows.