Skip to main content

How can we help?

Search

Room Reservations: Managing SSO Users Quick Reference

Updated: Andrew Tat Edited:

After SSO is successfully configured, your Platform Administrators will need to manage user permissions within Room Reservations:

 

Automatic User Provisioning

When users log in via SSO for the first time:

  • Their account is automatically created in Room Reservations
  • They receive a base user role with limited permissions
  • They appear in your user management panel

 

Assigning Roles & Permissions

Platform Administrators should:

  1. Review new SSO users regularly (especially during initial rollout)
  2. Assign appropriate roles based on each user's responsibilities:
    • Platform Admin
    • Facilities Manager
    • Event Coordinator
    • User (base role)
  3. Add users to user groups to control:
    • Which spaces they can reserve
    • Which buildings or locations they can access
    • Approval workflows they participate in
    • Additional permissions based on group policies

 

Recommended Best Practices

  • Plan your access structure before enabling SSO
  • Document your role/group assignments for consistency
  • Establish a process for reviewing and assigning permissions to new users
  • Train your Platform Admins on user management before go-live
  • Communicate expectations to end users about access levels

 

Frequently Asked Questions

Q: Can we pass role assignments from our IdP to Room Reservations?
A: Currently, Room Reservations does not support custom SAML attributes for role assignment. Roles and permissions are managed within the Room Reservations platform by Platform Administrators. This approach provides greater flexibility and control based on feedback from higher education institutions.

Q: How do we restrict which users can access Room Reservations?
A: Access should be controlled at your IdP level. Only assign access to the Room Reservations SAML application for users who should be able to log in. Once authenticated via SSO, specific permissions within Room Reservations are managed by your Platform Admins.

Q: What if a user should no longer have access?
A: Remove their access to the Room Reservations SAML application in your IdP. They will no longer be able to authenticate. Platform Admins can also disable users within Room Reservations if needed.

Q: Can users have different permission levels?
A: Yes! Platform Admins assign roles and add users to groups within Room Reservations, allowing for granular control over what each user can access and do in the system.

Q: Will existing users be affected when we enable SSO?
A: Existing username/password accounts will continue to work as long as the email the user was created with is the same email in your IdP.

 

Support

If you encounter issues during setup or have questions:

Related articles