How Do I Manage Users With SSO

Rebekah Garner
Rebekah Garner
  • Updated

Single Sign-On (SSO) enables users to sign into the Claravine platform using their organization-managed credentials, instead of managing a different login specific to Claravine.

 

If you chose the SSO authentication and authorize option, your company's IT department will manage access and role assignment (user, manager, admin), but all user Group assignment and Manager-level permissions (manager users, manage lists, etc.) is managed by admins in Claravine.   (SSO determines access and role, internal and external users)

 

If you chose the SSO authentication only option, your company's IT department will manage access only.  All user Group assignment, user role assignment (user, manager, admin), and Manager-level permissions (manager users, manage lists, etc.) is managed by admins in Claravine.  (SSO determines access only, internal and external users) 

 

If you chose the SSO authentication in addition to Claravine authentication option, your company's IT department will manage internal user access only.  External users are added and managed by admins in Claravine. All user Group assignment, user role assignment (user, manager, admin), and Manager-level permissions (manager users, manage lists, etc.) is managed by admins in Claravine.  (SSO determines internal user access only) 

 

For more information read our Single Sign-On (SSO) Overview article.

 

 

How to Assign Groups and Set Permission for a User

  1. In all 3 SSO Authentication Options - Provide your company-specific Claravine URL to the user https://www.[customer]claravine.com
            The login page appears.

    Login screen for SSO authentication and authorization and SSO authentication only options:


    Login screen for SSO authentication in addition to Claravine authentication option (internal-organization users click "Log in at [Company]" button, external-organization users click "Log in at Claravine" button):
    mceclip3.png

  2. The user logs in using SSO. 
    mceclip3.png The user will not see any templates in Claravine. They must first be added to a Group.

  3. The user notifies a Claravine administrator that they have successfully logged in to Claravine.

  4. The Claravine administrator logs into Claravine and navigates to the Users menu.

  5. The administrator clicks the name of the user to modify.

  6. If you have selected SSO authentication and authorization:

    1. Select the Group from the drop-down menu or begin typing the name to filter the list. Select all Groups that apply.

    2. The user Role is preset by your IT Identity Provider. If a User, select "Allow Submission Editing" if applicable. If a Manager, select the Manager Permissions.
      mceclip2.png

  7. If you have selected SSO authentication only or SSO authentication in addition to Claravine authentication:
    1. Select the Group from the drop-down menu or begin typing the name to filter the list. Select all Groups that apply.
    2. Select the Role from the drop-down menu. Mark the user to "Allow Submission Editing" if applicable. If a Manager, select the Manager Permissions.
      mceclip0.png

      Access Level Description
      User User access level allows a user to create submissions using the templates assigned at the group level.
      mceclip3.png Select Allow Submission Editing to allow the user to edit submissions after they have been completed.
      Manager Manager access level has intermediate permissions an Administrator assigns. You can assign a Manager permission to edit the following items:
      • Allow Submission Editing: allow the user to edit submissions after they have been submitted.
      • Manage Users: Allows management of users.
      • Manage Groups: Allows management of groups.
      • Manage Connectors: Allowing edits to be made to the connectors the group uses to connect to Adobe Analytics, Google Analytics, FTP locations, Box, Bit.ly, Facebook, etc.
      • Manage Targets: Allowing edits to be made to all designated targets where metadata is flowing to such as report suite and reports in Adobe, Properties in Google Analytics, etc.
      • Manage Field Sets: Allow edits to be made to all field sets.
      • Manage Lists: Allow edits to be made to all pick lists.
      • Manage Templates: Allow edits to be made to all templates.
      • Manage Folders: Allow edits to be made to all folders.
      • Manage Patterns: Allow edits to be made to all patterns.
      • Manage Account Settings: Allow edits to be made to the company name and organization logo.
      • Access Organization Reports: Allow viewing of the Organization Reports.
      Administrator Administrators access level has full permissions to see and edit all areas of the account including users, groups, connectors, targets, field sets, lists, templates, folders, patterns, account settings, and organization reports.


  8. Click Save User.

mceclip3.png When the user refreshes their browser or logs into Claravine next they will see all templates based on their Group assignment.



SSO FAQ

Q:  My Non-SSO users are getting an error message when they try to log in

A:  In cases like this, the Non-SSO Users have clicked the wrong button on the login page.  In the screenshot below, they should click on the green login button instead of the grey button.

 

mceclip3.png

Comments

0 comments

Article is closed for comments.