Podbean supports the “role” attribute in SSO response, thus you can set a “role” for a user when they SSO login to Podbean. Please ask your SSO Admin to add the “Role” attribute in SSO response following the example below.
<saml:AttributeStatement>
<saml:Attribute Name="Role"
NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
<saml:AttributeValue xsi:type="xs:string">Admin</saml:AttributeValue>
</saml:Attribute>
</saml:AttributeStatement>
Podbean supports the following 4 roles.
- Admin
- Channel-admin
- Contributor
- Audience
The default role is “Audience”.
When the role attribute is not included in the SSO response:
- If this is a new user, this user will be created with the role as “Audience”.
- If this is an existing user, this user’s role will not be changed.
If the role in the SSO response is different from the role in our system, this user’s role will be changed to the one in the SSO response.