At larger scales, manually setting roles (e.g. Template Admin) and assigning users to groups (e.g. Internal Services) becomes cumbersome & difficult to keep track of. We have Coder Classic users who use the REST API as a workaround to automate role assignment but would prefer to leverage their SSO as the source of truth.

Similar software such as GitLab (OIDC, SAML) and Hashicorp Vault (OIDC, LDAP) has this functionality.

Currently, Coder only supports SSO (single sign-on) via GitHub OAuth and OIDC providers. This issue should be considered completed when all current SSO providers in Coder have this feature. Well, those that are capable of role/group mapping, such as OIDC.