Associating SSO groups with Brightspot roles
In most scenarios, single sign-on servers associate users with groups. Similarly, most publishers associate Brightspot editors with roles. As a best practice, you should associate the SSO groups with the corresponding Brightspot roles. This practice ensures that when an editor successfully logs in through single sign-on, Brightspot associates the editor with the correct role.
To associate SSO groups with Brightspot roles:
- Click > Admin > Sites & Settings.
- Under Legacy Settings, click Saml. The Edit Saml widget appears.
Under Groups to Roles, do the following:
Click . A form appears.
- In the Group field, enter a group existing on the SSO server.
- In the Role field, select an existing Brightspot role.
- Repeat steps a–c to associate additional groups to roles.
- Click Save.
Referring to the previous illustration, an editor signing on through SSO and has the group
ssoBrightspotEditors receives all the permissions in Brightspot associated with the role Editors.