Please use the form below to provide your feedback. Because your feedback is valuable to us, the information you submit in this form is recorded in our issue tracking system (JIRA), which is publicly available. You can track the status of your feedback using the ticket number displayed in the dialog once you submit the form.

Manage Identity Providers

  • how-to
    +
    Once a realm is created, you can view and manage it in the Capella UI.

    Realms manage the link with your identity provider (IdP). Each organization supports one realm.

    This page walks you through the process of accessing a realm, changing a realm’s default team, and deleting a realm. If you need to create a realm, see Add Federated and SSO Authentication.

    Access Realms in the Capella UI

    Permissions Required
    Only those with the Organization Owner role can access realms.

    1. In the Capella UI, on the navigation bar, click the Settings tab.

    2. In the navigation menu, click SSO.

      This opens the Organization Realms page, which provides basic information about any configured realm.

    3. Click the name of the realm you’re managing.

      This opens the SSO page containing the details of the chosen realm and the controls to manage it.

    Realm Names

    When you create a realm, it’s automatically assigned a unique auto-generated realm name. If you prefer a custom realm name, you can request one by contacting Couchbase Capella support.

    SSO users must provide the realm name when they sign in to Capella to connect to the SSO provider. On the SSO page, you can copy this name from the Realm Name field using the copy button .

    Change the Default Team

    Permissions Required
    Only those with the Organization Owner role can change the default team.
    Capella assigns SSO users to the default team if they’re not mapped to another team. Typically, a default team should have the fewest permissions.

    Every SSO user is a member of a realm’s default team unless otherwise specified through role mapping. When a realm is first created, the default team is "My First Team," but you can designate any team in your organization as the default. You can’t delete any team set as the default team.

    1. On the Organization Realms page, click the name of the realm you’re editing.

      The SSO page opens.

    2. Within the Default Team section, use the Your default team drop-down menu to choose a new default team.

      This list includes any existing teams within your organization.

    3. Click Save.

      Any permission changes apply to affected users when they next sign in to Capella.

    Enable or Disable Group Mapping

    By default, Capella assigns roles to SSO users based on which teams map to which SSO groups. To manage SSO users like any other Capella user, you can disable group mapping.

    When you turn off group mapping for a realm, Capella still uses the default team to assign roles when SSO users first sign in. After SSO users sign in, you manage them like other Capella users through the People tab and each project’s Collaborators tab.

    For more information about managing SSO users with group mapping turned off, see Manage Organization Users and Manage Project Users

    When SSO users sign in for the first time after you’ve disabled group mapping, they keep their current roles. If they sign in after you enable group mapping, their roles sync based on any mapped SSO groups and Capella deletes the old permissions.

    To enable or disable group mapping for an existing realm:

    1. On the Organization Realms page, click the name of the realm you’re editing.

    2. Within the Group Mapping section, choose to enable or disable group mapping.

    3. Click Save.

      Any permission changes apply to affected users when they next sign in to Capella.

    Delete a Realm

    Permissions Required
    Only those with the Organization Owner role can delete realms. You can’t delete a realm that you are currently signed into.
    When you delete a realm, all SSO users connected to your organization through that realm and its connected identity provider have their permissions deleted.

    1. On the Organization Realms page, click the name of the realm you’re deleting.

      The SSO page opens.

    2. Click Delete Realm.

      This action displays the Delete Realm dialog.

    3. Type delete into the provided text area.

    4. Click Delete.