When you try to enable SSO for your Aura instances access, if the list of groups is too long to fit into an access token in an Azure Active Directory (Azure AD) application, you may encounter token size limitations. Access tokens are used to represent a user's identity and access rights, and they have a maximum size limitation. When dealing with a large number of groups, the token may become too large to be practical.
Here's a detailed, step-by-step guide on how to handle this type of scenario.
- Change the groups assigned to the application, select the application from the Enterprise applications list. Select Users and Groups and then Add user/group. Select the Neo4j Aura related group(s) you want to add to the application from Users and Groups.
- Select Azure AD -> Application Registrations -> "your Aura SSO application" -> Token configurations and edit your groups claim as this screenshot.
- Verify that your groups list in the access token to ensure only the assigned groups' information is shared.