Hi,

I'm helping a project by implementing authentication with Federated security for CMS and Commerce.

The project wants to use 4 roles being Administrators, WebAdmins, WebEditors and CommerceAdmins, which have been created in the appRoles in the Manifest,

I have followed the documentation at https://world.episerver.com/documentation/developer-guides/CMS/security/federated-security/ and it seems to be working fine except for the CommerceAdmins role.

Users in the Active Directory with the roles Administrators, WebAdmins, WebEditors have access according to what they should have, but users with the CommerceAdmins role just get an "Access Denied - Your account does not have rights to access this feature of the commerce manager." when I try to log them into Commerce Manager.

Edit: So I discovered inside Permissions for Functions that the CommerceAdmins group didn't have permissions for anything including login to Commerce manager. This I'm abit confused about because according to https://webhelp.episerver.com/17-2/commerce/access-rights.htm the CommerceAdmins should provide access to "All parts of Commerce Manager except Administration, but not the admin view in CMS."

Help and pointers would be much appreciated.