Associating SSO groups with Brightspot roles
In most scenarios, single sign-on servers associate users with groups. Similarly, most publishers associate Brightspot users with roles. As a best practice, you should associate the SSO groups with the corresponding Brightspot roles. This practice ensures that when a user successfully logs in through single sign-on, Brightspot associates the user with the correct role.
To associate SSO groups with Brightspot roles:
- Click > Admin > Sites & Settings.
- Under Legacy Settings, click Saml.
- In the Name field, enter a name for this setting, or retain Saml as the default. (The URL field is not used.)
- Under Groups to Roles, do the following:
- In the Group field, enter a group existing on the SSO server.
- In the Role field, select an existing Brightspot role.
- Repeat steps a–c to associate additional groups to roles.
- Click Save.
Referring to the previous illustration, a user signing on through SSO and who has the group
ssoBrightspotEditors receives all the permissions in Brightspot associated with the role