View the original community article here
Last tested: Jan 8, 2018
Yes. Each time a user logs in with SAML/LDAP/OpenID, their role gets reconstructed based on the SAML/LDAP/OpenID groups they are in.
So, if you have group to role mapping set up in Looker, then you can change Looker permissions solely by editing the user's groups in the external authentication system.