Create & manage user groups
LAUNCHING SOON!
Using IdeaScale’s SSO, there are two ways to map Attributes and create/manage User Groups
-
SSO Group Attribute Mapping (automatic group creation): Groups can be ‘mapped’ directly to IdeaScale using your IdP. In this case, your IdP attributes will automatically create your groups and add members to them.
-
SSO Profile Field Mapping (manual group creation based on SSO-provided field values): Ask profile questions and configure groups based off of the questions. Then enable the 'Auto-Assign by SSO' feature.
SSO Group Attribute Mapping
If your Identity Provider (IdP) sends a group attribute in the SAML assertion, IdeaScale can auto-create and auto-assign groups without any manual setup in the Groups section.
Manage Workspace >> Security >> Authentication >> Single Signon
-
Click on the More option (3 dots) beside the SSO name and select Map Attributes from the dropdown.
2. Here, add the group name in the attribute that will be utilized within the workspace or community via IdP. The group name will be extracted from the SSO assertion based on the name or friendly name provided. If multiple values are input, the system will search for each one and create a group as necessary. When community members log in using SSO, they will either be automatically assigned to the designated group or a new group will be created if required.
Example SAML Attribute
<saml:Attribute Name="group">
<saml:AttributeValue>Finance</saml:AttributeValue>
<saml:AttributeValue>HR</saml:AttributeValue>
</saml:Attribute>
Here the attributes entered in the Groups field will be- Finance, HR
This will place the member in both “Finance” and “HR” groups automatically.
Workspace Admin will be able to override/modify the members within an IdP mapped group if necessary by going into the Member Management >> Groups settings.
Note: Auto Assign by SSO in the Group Settings will turn on automatically when someone logs in via SSO and is added to that group. Workspace Admin can not turn on/off this setting.
Mapping by Profile Questions:
Part 1
Manage Workspace >> Workspace Configuration >> Profile Questions
Community Settings >> General Settings >> Community Info >> Member Profile Questions.
If your IdP sends other attributes (e.g., department, region, role), you can map them to IdeaScale profile fields and use them as criteria for manually created groups.
Below is a screenshot of the panel used to create the profile questions.When this feature set is paired with IdeaScale’s group function (instructions in Part II below), members will be segmented into groups according to the response given for each profile question. 
Help article on Workspace Profile Questions
Help article on Community Member Profile Question
Part II
After creating the profile questions, to go: Manage Workspace >> Security >> Authentication >> Single Signon
Click on the More option (3 dots) beside the SSO name and select Map Attributes from the dropdown.
2. Here, map the attributes to create groups based on the profile questions created on Workspace or Community. 
Example SAML Attribute
<saml:Attribute Name="department">
<saml:AttributeValue>Finance</saml:AttributeValue>
</saml:Attribute>
Here the attributes entered in the Workspace Member Profile Questions or Community Member Profile Questions field will be- Department, and the value under Group criteria will be HR
This will place the member in "HR” group automatically.
Part III
After enabling SSO, go to Member Management >> Groups
-
Create the user groups
-
Create the group’s name and update other settings
-
Toggle to Assignment Method (screenshot below)
-
Choose Auto assignment based on Profile Criteria
-
Choose what response from the profile question is needed for the user to be automatically added into this particular group.
Help article on Group assignment method
Under ‘Groups’ you will also be able to manage the members within the group and see how many users are in a particular group.