In this scenario, the Acme company has three user groups in an OpenID Connect instance.
These groups are:
admin-group
sales-group
partners-group
To define user accounts in Fluid Topics based on the SSO groups, the administrators of Acme create the following script:
// Define the groups and roles for users which are not in a specific group
user.groups = [];
user.roles = ["FEEDBACK_USER","RATING_USER","PRINT_USER"];
// Define the groups, roles, and search preferences for the admin-group users
if (attributes.groups.includes('/admin-group')){
user.groups.push("admins");
user.roles.push("ADMIN");
user.preferences.metadata = {
'ft:sourceId': {
filter: ['dita','paligo','ud', 'word', 'confluence']
}
}
// Define the groups, roles, and search preferences for the sales-group users
} else if (attributes.groups.includes("/sales-group")){
user.groups.push("sales");
user.roles.push("ANALYTICS_USER", "PERSONAL_BOOK_USER",
"PERSONAL_BOOK_SHARE_USER",
"HTML_EXPORT_USER",
"PDF_EXPORT_USER",
"SAVED_SEARCH_USER", "COLLECTION_USER",
"PRINT_USER","OFFLINE_USER");
user.preferences.metadata = {
'audience_type': {
prior: 'sales',
filter: ['sales', 'partners']
},
'prodname':{
prior: 'FT'
},
'version':{
prior: 'latest'
}
}
// Define the groups, roles, and search preferences for the partners-group users
} else if (attributes.groups.includes('/partners-group')){
user.groups.push("partners");
user.roles.push("PERSONAL_BOOK_USER",
"PERSONAL_BOOK_SHARE_USER",
"HTML_EXPORT_USER",
"PDF_EXPORT_USER",
"SAVED_SEARCH_USER", "COLLECTION_USER",
"PRINT_USER","FEEDBACK_USER","RATING_USER");
user.preferences.metadata = {
'audience_type': {
prior: 'partners',
filter: ['partners']
},
'prodname':{
prior: 'Fluid Topics',
filter: ['Fluid Topics', 'AFS']
},
'version':{
prior: 'latest'
}
}
}
With this script, when employees connect, their Fluid Topics account automatically updates with the correct roles, Fluid Topics groups, and search preferences.
attributes
corresponds to the user's values coming from the authentication realm.user.groups
corresponds to the user's groups.user.roles
corresponds to the user's roles.user.preferences
corresponds to the user's search preferences.