Defining SSO Rules (2.8)
SSO rules connect users and user roles, so that each user has the privileges associated with those roles.
Rule Types
There are three types of SSO rules:
-
A user rule directly assigns a specific user to one or more user roles.
-
A job title rule adds user roles based on a specific job title. Any user who has the given job title is added to those user roles as well.
-
A group rule adds user roles based on groups defined by an identity provider (such as Active Directory). Any user who belongs to the given group is added to those user roles as well.
Defining an SSO Rule
To create an SSO rule:
-
Click the Management icon in the application menu.
-
In the Security section, click SSO Rules.
The page then displays a table of the existing SSO rules.
-
Click New SSO Rule in the upper right, above the table of SSO rules.
The system displays a popup dialog box.
-
For Rule Type, select a rule type.
-
Specify the following details, which depend on rule type:
-
For a Username rule, specify Username. This must exactly match the name of the user to which it is intended to apply.
-
For a Job Title rule, specify Job Title. This must exactly match the job title to which it is intended to apply.
-
For a GroupID rule, specify Group. This must exactly match the identity provider group to which it is intended to apply.
Also specify User Group Description, which should be a name for this group within this application. This name is shown in Rule Details on the SSO Rules page.
-
-
In the User Roles section, select the user roles associated with this SSO rule.
-
Click Submit.
The new SSO rule is then added to the table.
Editing an SSO Rule
To edit an SSO rule:
-
Click the Management icon in the application menu.
-
In the Security section, click SSO Rules.
The page then displays a table of the existing SSO rules.
-
Click the Edit icon in the applicable row.
The system displays a popup dialog box.
-
Edit any value, just as when you create an SSO rule.
-
Click Submit.
Deleting an SSO Rule
To delete an SSO rule:
-
Click the Management icon in the application menu.
-
In the Security section, click SSO Rules.
The page then displays a table of the existing SSO rules.
-
Click the Delete icon in the applicable row.
The system displays a popup dialog box to confirm this action.
-
Click Delete.