This feature is available to Enterprise accounts and has to be turned on by Customer Support. Contact us via live chat or [email protected] for more information.
In ScreenSteps each user account has a role assigned to them. Normally you assign roles to each user individually. However, ScreenSteps also supports assigning user roles based on user group membership. This feature is called "Manage User Roles Via Groups".
This feature is typically used by customers who leverage SCIM to manage their users in ScreenSteps or who pass User Group information in the SAML Assertion.
How does the "Manage User Roles Via Groups" feature work?
- Each user group can have a role assigned to it. If the user group role is set to Contributor or Admin then users belonging to the group will be assigned role of the group.
- Roles are only assigned at the group level. You can not change the role of users unless you add them to a group that is assigned the role you would like the user to have.
- If a user belongs to multiple groups which have different roles, the highest permission role will be assigned to the user. For example, if a user belongs to two user groups and has a Contributor role and another has an Admin role, the user will be assigned the Admin role.
- If a user does not belong to any groups then they will be a Reader.
There are two exceptions to the rules above:
- The account owner will always have Admin privileges regardless of which group they belong to.
- API Access users maintain a separate role and are not assigned a role based on group membership.
0 Comments
Add your comment