# SAML User Rights: Custom Attributes (Advanced)

> This is the advanced way of setting up user rights. We recommend using [SAML Access Profiles](/getting-started/automated-user-management/saml-login/saml-user-rights-access-profiles-recommended.md).

This guide provides detailed instructions on how to configure and manage user rights within Aikido using SAML custom attributes. By leveraging attributes such as `aikido_role`, `aikido_data_edit_rights`, `aikido_can_ignore`, `aikido_can_snooze`, `aikido_can_change_severity`, `aikido_can_manage_teams`, and `aikido_teams`, you can control user permissions and roles from within your identity provider. This approach ensures that users have the same access in Aikido as set up in your identity provider.

* **aikido\_access\_profile:** [**More info**](/getting-started/automated-user-management/saml-login/saml-user-rights-access-profiles-recommended.md)\
  When setting up SAML Access Profiles, this is the claim to use.

  ```xml
  <saml:Attribute Name="aikido_access_profile">
      <saml:AttributeValue xsi:type="xs:anyType">My Access Profile</saml:AttributeValue>
  </saml:Attribute>
  ```
* **aikido\_username:** Defines the name of the user in Aikido.

  ```xml
  <saml:Attribute Name="aikido_username">
      <saml:AttributeValue xsi:type="xs:anyType">John Doe</saml:AttributeValue>
  </saml:Attribute>
  ```
* **aikido\_role:** `admin`, `default`, `team_only`

  ```xml
  <saml:Attribute Name="aikido_role">
      <saml:AttributeValue xsi:type="xs:anyType">default</saml:AttributeValue>
  </saml:Attribute>
  ```
* **aikido\_data\_edit\_rights:** `standard`, `read_only`

  ```xml
  <saml:Attribute Name="aikido_data_edit_rights">
      <saml:AttributeValue xsi:type="xs:anyType">standard</saml:AttributeValue>
  </saml:Attribute>
  ```
* **aikido\_can\_ignore:** `true`, `false`

  ```xml
  <saml:Attribute Name="aikido_can_ignore">
      <saml:AttributeValue xsi:type="xs:anyType">true</saml:AttributeValue>
  </saml:Attribute>
  ```
* **aikido\_can\_snooze:** `true`, `false`

  ```xml
  <saml:Attribute Name="aikido_can_snooze">
      <saml:AttributeValue xsi:type="xs:anyType">true</saml:AttributeValue>
  </saml:Attribute>
  ```
* **aikido\_can\_change\_severity:** `true`, `false`

  ```xml
  <saml:Attribute Name="aikido_can_change_severity">
      <saml:AttributeValue xsi:type="xs:anyType">true</saml:AttributeValue>
  </saml:Attribute>
  ```
* **aikido\_can\_manage\_teams:** `true`, `false`

  ```xml
  <saml:Attribute Name="aikido_can_manage_teams">
      <saml:AttributeValue xsi:type="xs:anyType">true</saml:AttributeValue>
  </saml:Attribute>
  ```
* **aikido\_can\_export\_data:** `true`, `false`

  ```xml
  <saml:Attribute Name="aikido_can_export_data">
      <saml:AttributeValue xsi:type="xs:anyType">true</saml:AttributeValue>
  </saml:Attribute>
  ```
* **aikido\_can\_manage\_clouds:** `true`, `false`

  ```xml
  <saml:Attribute Name="aikido_can_manage_clouds">
      <saml:AttributeValue xsi:type="xs:anyType">true</saml:AttributeValue>
  </saml:Attribute>
  ```
* **aikido\_can\_manage\_containers:** `true`, `false`

  ```xml
  <saml:Attribute Name="aikido_can_manage_containers">
      <saml:AttributeValue xsi:type="xs:anyType">true</saml:AttributeValue>
  </saml:Attribute>
  ```
* **aikido\_can\_manage\_domains:** `true`, `false`

  ```xml
  <saml:Attribute Name="aikido_can_manage_domains">
      <saml:AttributeValue xsi:type="xs:anyType">true</saml:AttributeValue>
  </saml:Attribute>
  ```
* **aikido\_can\_manage\_pentests:** `true`, `false`

  ```xml
  <saml:Attribute Name="aikido_can_manage_pentests">
      <saml:AttributeValue xsi:type="xs:anyType">true</saml:AttributeValue>
  </saml:Attribute>
  ```
* **aikido\_can\_manage\_code\_quality:** `true`, `false`

  ```xml
  <saml:Attribute Name="aikido_can_manage_code_quality">
      <saml:AttributeValue xsi:type="xs:anyType">true</saml:AttributeValue>
  </saml:Attribute>
  ```
* **aikido\_can\_manage\_repos:** `true`, `false`

  ```xml
  <saml:Attribute Name="aikido_can_manage_repos">
      <saml:AttributeValue xsi:type="xs:anyType">true</saml:AttributeValue>
  </saml:Attribute>
  ```
* **aikido\_teams:** Defines the teams the user is a part of. If a team does not exist in Aikido, it will be created. The user will auto-join the given teams. If this attribute is set up, the user will be removed from all other teams.

  ```xml
  <saml:Attribute Name="aikido_teams">
      <saml:AttributeValue xsi:type="xs:anyType">team1</saml:AttributeValue>
      <saml:AttributeValue xsi:type="xs:anyType">team2</saml:AttributeValue>
  </saml:Attribute>
  ```
* **aikido\_workspace\_ids:** Defines the Aikido workspaces the user is a part of. The user will auto-join the given workspaces. If this attribute is set up, the user will be removed from all other workspaces.

  ```xml
  <saml:Attribute Name="aikido_workspace_ids">
      <saml:AttributeValue xsi:type="xs:anyType">1233</saml:AttributeValue>
      <saml:AttributeValue xsi:type="xs:anyType">2511</saml:AttributeValue>
  </saml:Attribute>
  ```
* **github\_samlidentity\_nameid:** (GitHub specific) Team member sync based on SAML users currently only works if users also log into GitHub via SAML. By sending the `github_samlidentity_nameid` SAML claim containing the user’s email address, triggering team-sync will also sync the SAML team members.

  ```xml
  <saml:Attribute Name="github_samlidentity_nameid">
      <saml:AttributeValue xsi:type="xs:anyType">example@email.com</saml:AttributeValue>
  </saml:Attribute>
  ```
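
A pre-deployment check for the attributes listed above, as an added example (not Aikido's code): it lints an IdP's `AttributeStatement` against the values this page lists, and warns where `aikido_teams` or `aikido_workspace_ids` would replace existing memberships. The exact, case-sensitive, single-value matching and the helper names (`attr`, `statement`, `lint`) are assumptions of this example; the sample statement is constructed.

```python
import xml.etree.ElementTree as ET

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}
BOOL = {"true", "false"}
# Allowed values exactly as listed on this page.
ALLOWED = {"aikido_role": {"admin", "default", "team_only"},
           "aikido_data_edit_rights": {"standard", "read_only"}}
ALLOWED.update({"aikido_can_" + s: BOOL for s in (
    "ignore", "snooze", "change_severity", "manage_teams", "export_data",
    "manage_clouds", "manage_containers", "manage_domains", "manage_pentests",
    "manage_code_quality", "manage_repos")})
FREE_TEXT = {"aikido_access_profile", "aikido_username"}
EXCLUSIVE = {"aikido_teams": "teams", "aikido_workspace_ids": "workspaces"}

def attr(name, *values):
    """Build one <saml:Attribute> element in the shape shown on this page."""
    vals = "".join(f'<saml:AttributeValue xsi:type="xs:anyType">{v}</saml:AttributeValue>'
                   for v in values)
    return f'<saml:Attribute Name="{name}">{vals}</saml:Attribute>'

def statement(*attrs):
    """Wrap attributes in an AttributeStatement with the namespaces declared."""
    return ('<saml:AttributeStatement xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" '
            'xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" '
            'xmlns:xs="http://www.w3.org/2001/XMLSchema">' + "".join(attrs)
            + "</saml:AttributeStatement>")

# Constructed sample (not from a real tenant): wrong case, a misspelt name, a team list.
SAMPLE = statement(attr("aikido_role", "Admin"), attr("aikido_can_ignore", "false"),
                   attr("aikido_can_snoze", "true"), attr("aikido_teams", "team1", "team2"))

def lint(statement_xml):
    """Return (level, attribute, message) findings for one AttributeStatement."""
    findings = []
    for a in ET.fromstring(statement_xml).iterfind(".//saml:Attribute", NS):
        name = a.get("Name", "")
        values = [(v.text or "").strip() for v in a.iterfind("saml:AttributeValue", NS)]
        if name in ALLOWED:  # assumption: exactly one value, matched case-sensitively
            if len(values) != 1 or values[0] not in ALLOWED[name]:
                findings.append(("error", name, f"{values} is not one of {sorted(ALLOWED[name])}"))
        elif name in EXCLUSIVE:  # presence replaces memberships, per this page
            findings.append(("warn", name, f"user is removed from all {EXCLUSIVE[name]} except {values}"))
        elif name.startswith("aikido_") and name not in FREE_TEXT:
            findings.append(("error", name, "not an attribute listed on this page"))
    return findings

if __name__ == "__main__":
    for finding in lint(SAMPLE):
        print(*finding, sep=": ")
```

Run it on a statement exported from your identity provider's test or preview tool before enabling the mapping; a misspelt attribute name such as `aikido_can_snoze` is otherwise easy to miss.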


