Summary:

I want to iterate through a users pyAccessGroupsAdditional datalist then either change the pyAccessGroup or delete the value if it doesn't match additional criteria

Details:

We created a standalone application in Pega with users and access groups. Then we had requirements to use Active Directory(AD)/SAML to authenticate. Now we're changing the application to utilize the AD groups as a starting point for the access groups within Pega.

We're using Mapping to get the claims to pyAccessGroupsAdditional because someone can be in multiple groups.

This works to a degree, but we want the user to have specific access group if we find them in the datalist and remove the other ones if not needed. We're only interested in a small range of groups (3-4). due to the large nature of our organization, someone can have 50+ groups.