# Group mapping

With some type of external connectors, Cusna allows to define static rules to assign external users to a destination Group in Cusna, based on some criteria.

In general, the feature allows to statically define the mapping form a source group id (which definition depends on the IdP used) and the destination Cusna [Group](/service-management/groups.md).

{% hint style="info" %}
For most IdPs, you also have the option to make sure that only users that are mapped to a group are granted access to the service, by enabling the option **Authorize only members of mapped Groups**
{% endhint %}

### **Microsoft Entra (oAtuh)**

In case of Microsoft, it possible to crete rules that map the Azure Group ID into a Cusna Group. You can select the Microsoft Entra ID Group form a dropdown menu

<figure><img src="/files/1yGGilIyKv17gpNo2Giz" alt=""><figcaption></figcaption></figure>

### **Google (oAtuh)**

In case of Google, it possible to crete rules that map the Google Group  into a Cusna Group. You can select the Google Group form a dropdown menu.

<figure><img src="/files/xDMzlAOYEDvsQgcbHc1p" alt=""><figcaption></figcaption></figure>

### **SAML**

In case of SAML integration, for most systems, it possible to crete rules that map the source Group  into a Cusna Group. You need to enter the SAML Group identifier manually in the Source Group ID input.

<figure><img src="/files/k8AnjQaIx681KZ33Zwnr" alt=""><figcaption></figcaption></figure>

#### Microsoft Entra&#x20;

For Microsoft Entra ID, you need to enter the value of the Object ID of the Group that you can find the in the Azure Portal.&#x20;

<figure><img src="/files/bJKnRTO3yxPG1T0nGCST" alt=""><figcaption></figcaption></figure>


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.cusna.io/cloud-identity-platforms-integrations/enterprise-cloud-idps/group-mapping.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.