The name of the role. Local roles in different enterprises can have the same names
The enterprise that a local role belongs to
Make this role global
To create a global role that can be used in all enterprises, mark the Make this role global checkbox.
|Allowed CIDRs||Optional: to create a default list of network addresses from which users with this role can access the platform, enter Allowed CIDRs. You can also set allowed CIDRs for a scope. The user will inherit the role and scope CIDRs. Any allowed CIDRs set directly for the user will have priority over these inherited allowed CIDRs.|
The corresponding external roles, e.g. LDAP group, for the user. Required in external authentication modes (openid, ldap). A user's external roles must map to a single role (local or global). See LDAP and Active Directory Integration and Abiquo OpenID Connect Integration. You can also set external scopes.