In this article, we go over:
How are PostBeyond user account's Generated via SSO
If an employee is found within the IdP group of the PostBeyond SSO application and they do not have a PostBeyond user account, clicking SSO from the PostBeyond login page will generate an account:
If a user's account is created in this method, they are automatically put into the Core/All group of the instance, which might not be ideal for your program as this is typically the group that has access to all content.
Solution
To avoid this, admins have the ability to create and/or label a group the SSO default group.
Benefits of the Default SSO group include:
ππ½ Regrouping the users when the time is convenient
ππ½ Easily identifying SSO generated users
ππ½ Ensuring that SSO users have access to general content and not all content
How to Set up SSO Default Group
Step 1: Create an SSO Default Group
You can call this anything, but make sure it is an obvious group for you and your team to quickly identify
Step 2: Apply the Default to the SSO Default Group
You will notice a little person icon beside the All/Core group. This is automatically applied to the Core group of all instances and indicates that SSO-generated users will be moved here.
Click the 3 dots of the group you would like to make the default group, and select Make Default Group for New Users:
Complete!
Once this is done, you will notice the icon beside the group you've selects as the New user's default group.