First login with a new user
While the user is recognised by the identity provider, the user is unknown at this point in Edge Flow Manager (EFM). So while the login is successful, the result is an authorization error as the user has no access to anything at this point.
An administrator needs to create an EFM user with a matching identity and grant that user access to an agent class(s).
efm.security.user.auth.autoRegisterNewUsersproperty set to
true, after the first login, the EFM user is automatically available in the admin view and policies can be assigned to it, as shown in the following image:
The user rights are assigned to the users based on the configured state when the login happens. This means that if policies are changed by an administrator, a re-login is required to issue a new token based on the new policies. After this, the user has access to filtered data based on the assigned policies. Everything is assigned based on agent class, so if users have no assigned role for a given agent class, they do not see anything related to it.