Manage SSO User Group Synchronization

For Organizations that use Single Sign-On (SSO) to manage user access, the platform supports two different options for when a user’s membership in a User Group gets determined.

Note: This feature is available for Organization Administrators.

To configure the User Group synchronization option for your Organization:

  1. Log into the Marigold ID User Workspace.

  2. Click your profile icon in the top-right corner of the screen. The Profile Info pop-up window is displayed.

  3. Within the Profile Info pop-up window, click Marigold ID Administration. The Marigold ID Administration environment is displayed, with the Users tab selected by default.

  4. Select the User Groups tab. This tab displays all currently defined User Groups.

  5. At the bottom of the screen, select the desired option:

    • Assign User Group upon First Login: User Group membership is assigned to SSO users during their first login (user creation). Any later changes to the user access in your Identity Provider will not be synchronized with Marigold ID.

    • Always Sync User Group upon Login: User Group membership is determined at each SSO login. This option is recommended to ensure that user access is always synchronized between your Identity Provider and Marigold ID.