Define user accounts according to SSO user groups - Fluid Topics

Profile mappers use cases

Category
Technical Notes
Audience
public
Version
Latest

In this scenario, the Acme company has three user groups in an OpenID Connect instance.

These groups are:

  • admin-group
  • sales-group
  • partners-group

To define user accounts in Fluid Topics based on the SSO groups, the administrators of Acme create the following script:

// Define the groups and roles for users which are not in a specific group
user.groups = [];
user.roles = ["FEEDBACK_USER","RATING_USER","PRINT_USER"];

// Define the groups, roles, and search preferences for the admin-group users
if (attributes.groups.includes('/admin-group')){
      user.groups.push("admins");
    user.roles.push("ADMIN"); 
    user.preferences.metadata = {
      'ft:sourceId': { 
            filter: ['dita','paligo','ud', 'word', 'confluence']
      }
    }
// Define the groups, roles, and search preferences for the sales-group users
} else if (attributes.groups.includes("/sales-group")){
      user.groups.push("sales");
    user.roles.push("ANALYTICS_USER", "PERSONAL_BOOK_USER", 
    "PERSONAL_BOOK_SHARE_USER", 
    "HTML_EXPORT_USER", 
    "PDF_EXPORT_USER", 
    "SAVED_SEARCH_USER", "COLLECTION_USER", 
    "PRINT_USER","OFFLINE_USER");
    user.preferences.metadata = {
      'audience_type': {
        prior: 'sales',
        filter: ['sales', 'partners']
      },
      'prodname':{
            prior: 'FT'
      },
      'version':{
            prior: 'latest'
      }
    }
// Define the groups, roles, and search preferences for the partners-group users
} else if (attributes.groups.includes('/partners-group')){
      user.groups.push("partners");
    user.roles.push("PERSONAL_BOOK_USER", 
    "PERSONAL_BOOK_SHARE_USER", 
    "HTML_EXPORT_USER", 
    "PDF_EXPORT_USER", 
    "SAVED_SEARCH_USER", "COLLECTION_USER", 
    "PRINT_USER","FEEDBACK_USER","RATING_USER"); 
    user.preferences.metadata = {
      'audience_type': {
        prior: 'partners',
        filter: ['partners']
      },
      'prodname':{
            prior: 'Fluid Topics',
            filter: ['Fluid Topics', 'AFS']
      },
      'version':{
            prior: 'latest'
      }
    }
}

With this script, when employees connect, their Fluid Topics account automatically updates with the correct roles, Fluid Topics groups, and search preferences.

  • attributes corresponds to the user's values coming from the authentication realm.
  • user.groups corresponds to the user's groups.
  • user.roles corresponds to the user's roles.
  • user.preferences corresponds to the user's search preferences.