When you set up a ScreenSteps account, access to the Content Management and Admin Centers—as well as your private sites—are controlled using a ScreenSteps username/password. This article will explain the other Identity Provider (IDP) options you have and show you where you can configure them.
The Admin Center Site Access area
Access to your sites and the Content Management and Admin Centers is controlled in the Site Access area. You can get there through the Account > Site Access menu option.
Once you are there you will see the following three sections:
- Content Management and Admin Centers
- Primary Site
- Other Sites
The Identity Provider (IDP) column for each of these sections allows you to customize how users log in to your ScreenSteps resources.
One Identity Provider can be configured for each unique domain associated with your ScreenSteps account. Here are some rules to keep in mind:
- The Content Management Center/Admin Center and the Primary Site share the same domain by default. That means the Identity Provider you configure for the Content Management and Admin Centers will apply to the Primary Site.
- If you want to configure a different Identity Provider for the Primary Site then configure a Vanity Domain for the Primary Site.
- All Sites appearing in the Other Sites section have a unique domain* and can have their Identity Provider configured.
* Some older ScreenSteps accounts do not have a unique domain for each site. If this is the case reach out to [email protected] so we can help you update your account to use this feature. There is no additional charge.
Edit the Identity Provider
Click on the pencil icon in the Identity Provider column to edit the Identity Provider.
Which Identity Provider would you like to configure?
This is the default Identity Provider supplied by ScreenSteps. Users who log into with a ScreenSteps username/password are considered local users and their username/password will be stored in the ScreenSteps system.
Select ScreenSteps username/password from the Login through menu to use this option.
SAML is the preferred method when configuring a Single Sign-on Identity Provider with ScreenSteps. Many 3rd party Identity Providers support SAML and this will not require any additional programming from your team.
Select SAML from the Login through menu to use this option.
For detailed instructions on setting up SAML refer to the Set up Single Sign-on help article.
Remote Authentication is ScreenSteps specific and allows your team write code in your application to control user access to ScreenSteps. Only use this method if your system does not support SAML or if you have specific customization needs.
Select Remote Authentication from the Login through menu to use this option.
For detailed instructions on setting up Remote Authentication refer to the Set up Single Sign-on help article.
Sites can be configured to login through the Account Domain. ScreenSteps will give a user access to the site if the user has already logged in to the identity provider being used by your account domain (the domain used for the Content Mangement and Admin Centers). This can be useful if you want to share a Single Sign-on Identity Provider with your account domain. It is also useful if you wants users to be logged into any of your sites if they are logged into the account domain.
Select Account Domain from the Login through menu to use this option.