Technical Tip: How to obtain the Lacework FortiCNAPP custom user groups GUID and add the GUID to the SAML attribute claims

As referenced in the Lacework FortiCNAPP SAML configuration guide, Microsoft Entra ID SAML JIT, the Custom User Groups required the GUID of the user group to be added as the attribute value.

Adding the Custom User Groups claims attribute value in the Microsoft Entra ID.

Obtaining the GUID from the Lacework FortiCNAPP Portal.

1. In the Lacework FortiCNAPP portal, navigate to the User groups page. The user group GUID column is not shown by default and requires it to be enabled in the column showing list.
                                                

2. Select and enable the 'User group ID' in the column list, and the GUID column will now display in the table.
   
   

3. Drag to expand the column width of the User group ID, search for the related user group, and copy the GUID value to insert into the SAML attribute claims of the Custom User Groups.
   
   

Obtaining the GUID from the Lacework FortiCNAPP CLI command.

Use the command to display user group details.

# lacework api get /api/v2/UserGroups

Output sample:

Related document: