CMS User Roles are used to direct members and visitors to different areas of your website. Developers can assign these CMS user roles to user roles in their CMS or LMS, often by using a SAML Plugin, though sometimes this is done through the API, as with Sitefinity. note that you would only use CMS user roles if D365 is the Identity Provider in the SSO configuration.
CMS User Roles are based on queries (advanced find) that you use to identify different groups in your contacts.
By default, the "Active Contacts" group is created, which allows anyone that is pulled in the role's query to log onto the portal.
To create a new CMS User Role
NOTE: DO NOT Modify the Active Contacts role
Log into your CRM and open Settings > Set Up > CMS User Roles
Fill in the
- Type (Website Role)
- For CMS User Roles that select a group of CONTACTS (Members, Contacts without Membership):
- User Entity - This is the entity that the role refers to (Usually contact or systemuser)
- AD Authentication - This flag determines if the role authenticates by using active directory credentials (No for contacts, Yes for system users (since they're authenticated in AD))
- Username Field - If you've set AD Authentication to No, this field requires the schema of the field on the entity that is used as their UN (Often cobalt_username but can be any field)
- Password Field - If you've set AD Authentication to No, this field requires the schema of the field on the entity that is used as their PW (Usually cobalt_password)
- Friendly Name Field - This field defines the schema of the field on the entity that is used as their display name when autheticating (Usually fullname but can be any field)
- Email Address Field - This field defines the schema of the field on the entity that is used as their email (Usually emailaddress1)
- For CMS User Roles that select a group of USERS (CRM Backend Users)
- User Entity (systemuser)
- AD Authentication (Yes)
- Username Field (personalemailaddress)
- Password Field (leave blank)
- Friendly Name Field (fullname)
- Email Address Field (personalemailaddress)
- Save the CMS User Role (but do not close. This allows an attached query to be created)
- Open the query
- Modify the Query/Advanced Find to match your criteria
- Check Results to make sure you're getting the people you wanted.
- Save Query
- Save and Close CMS User Role
Provide the web developer with the exact name of the new role. They will need to input this into the SAML Plugin or whatever other means they are using to reference the roles.
NOTE: When creating the CMS User Role that will be used for the site administrators who will have backend admin access to the site, be sure that the administrator user for the CRM is included in query of the role so that Cobalt staff can also have backend access for quick troubleshooting.