Brightspot CMS User Guide

Associating SSO groups with Brightspot roles


In most scenarios, single sign-on servers associate users with groups. Similarly, most publishers associate Brightspot users with roles. As a best practice, you should associate the SSO groups with the corresponding Brightspot roles. This practice ensures that when a user successfully logs in through single sign-on, Brightspot associates the user with the correct role.

Caution
If a group on the SSO server is not associated with a Brightspot role, all users associated with that group are denied login to Brightspot (even if they pass authentication on the SSO server). Ensure all groups on the SSO server are appropriately associated with Brightspot roles.
Warning
If you do not configure any group-role associations, then any user passing SSO authentication is granted the default role configured in Global Settings > Main > Default Role. If no such default role is configured, then the user is granted the administrator role with full permissions. Ensure you configure at least one group-role association.

To associate SSO groups with Brightspot roles:

  1. Click menu > Admin > Sites & Settings.
  2. Under Legacy Settings, click Saml.
  3. In the Name field, enter a name for this setting, or retain Saml as the default. (The URL field is not used.)
  4. Under Groups to Roles, do the following:
    1. Click add_circle_outline.

      Associating SSO groups with Brightspot roles Associating SSO groups with Brightspot roles

    2. In the Group field, enter a group existing on the SSO server.
    3. In the Role field, select an existing Brightspot role.
    4. Repeat steps a–c to associate additional groups to roles.
  5. Click Save.

Referring to the previous illustration, a user signing on through SSO and who has the group ssoBrightspotEditors receives all the permissions in Brightspot associated with the role editor.

Previous Topic
Single sign-on and SAML
Next Topic
Integrating single sign-on
Was this topic helpful?
Thanks for your feedback.
Our robust, flexible Design System provides hundreds of pre-built components you can use to build the presentation layer of your dreams.

Asset types
Module types
Page types
Brightspot is packaged with content types that get you up and running in a matter of days, including assets, modules and landing pages.

Content types
Modules
Landing pages
Everything you need to know when creating, managing, and administering content within Brightspot CMS.

Dashboards
Publishing
Workflows
Admin configurations
A guide for installing, supporting, extending, modifying and administering code on the Brightspot platform.

Field types
Content modeling
Rich-text elements
Images
A guide to configuring Brightspot's library of integrations, including pre-built options and developer-configured extensions.

Google Analytics
Shopify
Apple News