Role-based access synchronized with 3rd-party authentication
acknowledged
Rob Newman
Merged in a post:
Automatically add users to organization
Combined Scallop
We are currently using Azure SSO for authentication. Is it possible to have users automatically added to our Organization when they first log in? Users currently need to be manually added to the Organization via the "participants" page.
Rob Newman
Merged in a post:
SSO authentication and checking for existing users
Kumquat Possum
Support the ability to dynamically add and remove users from a Seqera Platform instance without needing to modify any configuration settings and redeploy.
Rob Newman
acknowledged
Rob Newman
Merged in a post:
Delegate group management to OIDC provider
Big Parrot
We'd like the ability to sync group membership (power users, admins, regular users) from OIDC which comes from Okta, instead of having to manage those manually within the Seqera Platform.
Rob Newman
Merged in a post:
LDAP authentication
Peaceful Clownfish
We had an open feature request regarding LDAP authentication for the Tower Enterprise, which would remove the annoying need of providing an email every time to log in.
Do you know what would be the timeline for this feature?
Rob Newman
Merged in a post:
Admin panel: sync teams via OIDC LDAP groups
Brass Wildcat
Introduce an automated mechanism to import and keep up-to-date user-team associations directly from the organization's LDAP/OIDC system. This enhancement would streamline user management by aligning users with the corresponding groups they can access in the organization system. This could simplify permissions management and help ensure consistency between the Seqera Platform and the organization's existing LDAP/OIDC structure.
This would reduce the manual effort in managing permissions, providing a more robust and synchronized experience for administrators and end-users.
Rob Newman
Merged in a post:
Role-based Access Control using existing Active Directory groups
Alive Panda
Currently, there is no way to translate a Seqera Platform user's permissions into file system permissions.
The workaround is that customers are creating shares for each one of their workspaces. They have a share mounted in the HPC environment and the user's PC for each workspace. Each share is assigned an AD group. Whenever a user needs access to launch and retrieve data from a pipeline, the administrator has to manually add them to Seqera Platform and then to the AD group, which is inefficient.
Having restrictions on who can access each share based on Active Directory groups (which are also replicated in the Azure AD service) would be much more efficient: creating/assigning groups from LDAP or Azure AD to workspaces so that administration would be easier and not duplicated.