Hi @margaret, welcome to the community!
To give you the short answer: Hexnode doesn’t actually use an automated “Group Mapping” page inside the SAML settings to sort users into roles dynamically. Because Hexnode strictly tracks individual licenses and audit logs for every single administrator, you will need to manually add your team members as “Technicians” inside the console and tie their login directly to Okta.
It is actually super quick to set up. Here is the easiest workflow to get your two tiers up and running:
- Turn on Okta SSO for your team. First, we just need to tell Hexnode to allow your IT team to sign in using their Okta credentials.
  - Go to Admin > Technicians and Roles in your portal.
  - Scroll down to Global SSO Login Settings.
  - Check the box for Okta and click on Save.
- Create your “Tech Level” role. Hexnode already has a built-in “Admin” role with full rights (which is perfect for your &Hexnode_Admin group). For your &Hexnode_Tech group, you will want to build a custom role with limited rights.
  - On that same page, click the Roles tab at the top and click Add Role.
  - Name it something like “Tech Level Admin”.
  - Go through the permission checklist and check off only what you want them to do (like letting them enroll devices or wipe them, but blocking them from things like billing or changing system settings).
  - Click on Save.
- Add your users using their Okta emails. Now, you just need to invite your individual team members using their exact Okta email addresses.
  - For Full Admins: Go to the Technicians tab, click Add Technician, enter their name and Okta email, click Next, and assign them the default Admin role.
  - For Tech Level Users: Click Add Technician again, enter their details, click Next, and assign them the custom Tech Level Admin role you just made.
How it looks for your users: When your team goes to log into Hexnode, they will just click the Sign in with Okta button and type in their email. Okta will handle all the authentication on the backend. As long as they are active in your Okta directory and assigned to the right tier in Hexnode, they’ll get right in with the correct permissions.
Give this a shot and let me know if you run into any issues getting them imported!
Cheers,
Eden Pierce
Hexnode UEM