·¬ÇÑÉçÇø

Brightspot CMS User Guide

Associating SSO groups with Brightspot roles


In most scenarios, single sign-on servers associate users with groups. Similarly, most publishers associate Brightspot users with roles. As a best practice, you should associate the SSO groups with the corresponding Brightspot roles. This practice ensures that when a user successfully logs in through single sign-on, Brightspot associates the user with the correct role.

Caution
If a group on the SSO server is not associated with a Brightspot role, all users associated with that group are denied login to Brightspot (even if they pass authentication on the SSO server). Ensure all groups on the SSO server are appropriately associated with Brightspot roles.
Warning
If you do not configure any group-role associations, then any user passing SSO authentication is granted the default role configured in Global Settings > Main > Default Role. If no such default role is configured, then the user is granted the administrator role with full permissions. Ensure you configure at least one group-role association.


To associate SSO groups with Brightspot roles:

  1. Click menu > Admin > Sites & Settings.
  2. Under Legacy Settings, click Saml.
  3. In the Name field, enter a name for this setting, or retain Saml as the default. (The URL field is not used.)
  4. Under Groups to Roles, do the following:
    1. Click add_circle_outline.

      Associating an SSO group with a Brightspot role Associating an SSO group with a Brightspot role
      Associating an SSO group with a Brightspot role

    2. In the Group field, enter a group existing on the SSO server.
    3. In the Role field, select an existing Brightspot role.
    4. Repeat steps a–c to associate additional groups to roles.
  5. Click Save.

Referring to the previous illustration, a user signing on through SSO and who has the group ssoBrightspotEditors receives all the permissions in Brightspot associated with the role editor.

Previous Topic
Single sign-on and SAML
Next Topic
Integrating single sign-on
Was this topic helpful?
Thanks for your feedback.
Our robust, flexible Design System provides hundreds of pre-built components you can use to build the presentation layer of your dreams.

•
•
•
Brightspot is packaged with content types that get you up and running in a matter of days, including assets, modules and landing pages.

• Content types
• Modules
• Landing pages
Everything you need to know when creating, managing, and administering content within Brightspot CMS.

• Dashboards
• Publishing
• Workflows
• Admin configurations
A guide for installing, supporting, extending, modifying and administering code on the Brightspot platform.

• Field types
• Content modeling
• Rich-text elements
• Images
A guide to configuring Brightspot's library of integrations, including pre-built options and developer-configured extensions.

• Google Analytics
• Shopify
• Apple News