https://community.qlik.com/t5/Management-Governance/user-group-vs-user-environment-group/m-p/1929166#M22096 <P>Hey there,</P><P>user.group is the attribute for the user which comes from a User Directory Connector. This is considered a "persistent" attribute in the sense that Qlik stores this information (unless removed via the user directory).</P><P>user.environment.* are&nbsp;<EM>session</EM> attributes. These come from the configured authentication provider (typically SAML but possible via JWT, OIDC, and Web Ticketing). These values are not stored inside of Qlik but instead are evaluated when the user accesses Qlik. There's a good primer on session attributes here:&nbsp;<A href="https://community.qlik.com/t5/Qlik-Design-Blog/User-Environment-What-Session-Attributes-in-Qlik-Sense/ba-p/1476590" target="_blank">https://community.qlik.com/t5/Qlik-Design-Blog/User-Environment-What-Session-Attributes-in-Qlik-Sense/ba-p/1476590</A>.</P><P>Hope that helps.</P> Wed, 11 May 2022 11:31:57 GMT Levi_Turner 2022-05-11T11:31:57Z https://community.qlik.com/t5/Management-Governance/user-group-vs-user-environment-group/m-p/1929012#M22089 <P>Hi everyone,</P> <P>I play around with the security rules. In this context I am passing user groups from Active Directory to use in the conditions of the rules. One question is just coming up: What exactly is the difference between user.group and user.environment.group, if there is one.</P> <P>Any clues on this?</P> <P>Best<BR />Simon</P> Wed, 11 May 2022 08:03:32 GMT https://community.qlik.com/t5/Management-Governance/user-group-vs-user-environment-group/m-p/1929012#M22089 SimonInc 2022-05-11T08:03:32Z https://community.qlik.com/t5/Management-Governance/user-group-vs-user-environment-group/m-p/1929166#M22096 <P>Hey there,</P><P>user.group is the attribute for the user which comes from a User Directory Connector. This is considered a "persistent" attribute in the sense that Qlik stores this information (unless removed via the user directory).</P><P>user.environment.* are&nbsp;<EM>session</EM> attributes. These come from the configured authentication provider (typically SAML but possible via JWT, OIDC, and Web Ticketing). These values are not stored inside of Qlik but instead are evaluated when the user accesses Qlik. There's a good primer on session attributes here:&nbsp;<A href="https://community.qlik.com/t5/Qlik-Design-Blog/User-Environment-What-Session-Attributes-in-Qlik-Sense/ba-p/1476590" target="_blank">https://community.qlik.com/t5/Qlik-Design-Blog/User-Environment-What-Session-Attributes-in-Qlik-Sense/ba-p/1476590</A>.</P><P>Hope that helps.</P> Wed, 11 May 2022 11:31:57 GMT https://community.qlik.com/t5/Management-Governance/user-group-vs-user-environment-group/m-p/1929166#M22096 Levi_Turner 2022-05-11T11:31:57Z