It is possible to manage most role assignment via Ming.le, as many applications have Security Roles defined in Infor Ming.le. These Security Roles become available when adding M3 applications in Infor Ming.le. Security Roles in Infor Ming.le can be used for access control to Grid applications, given that there exist Grid role mappings between the Security Roles and the corresponding Grid roles. Grid applications that do not have Security Roles defined in Infor Ming.le need to have their access managed directly in the Grid role mappings.
It is possible to assign certain Security Roles to all users. Examples of such roles are M3UI-User and MingleEnterprise. Consider which Security Roles to assign in this manner. See "Assigning a Security Role to all new or existing users in Infor Ming.le 12" in M3 Core Administration Guide.
The GRID-Administrator role has no use in on-premise scenarios. To manage the grid itself, we recommend using certificates rather than by authenticating with SAML, for example by accessing the Grid Management Pages via the LCM.