Patent attributes
Various examples are directed to a cloud platform system that comprises a plurality of cloud platform deployments including a first cloud platform deployment implemented at a first geographic region and a second cloud platform deployment implemented at a second geographic region. An access manager system receives from a user computing device, a user logon request identifying a user. The access manager system also receives, from an identity provider system, group data associated with the user logon request, the group data indicating a first group to which the user belongs. The access manager system determines that a subaccount access map correlates the first group to a first subaccount that is implemented at the first cloud platform deployment. The access manager system also provides the user computing device an indication that the user is authorized to access the first subaccount.
