Skip to main content
All CollectionsUser Management
SSO Mapping: Mapping Active Directory Groups to Teams in Monotype Fonts
SSO Mapping: Mapping Active Directory Groups to Teams in Monotype Fonts
Supriya Bisht avatar
Written by Supriya Bisht
Updated over 9 months ago

SSO mapping

Using the SSO mapping feature, you can map teams in Monotype Fonts with your company’s existing active directory (AD) groups. Once set up, this integration ensures that when users in your AD groups log into Monotype Fonts via SSO, they are provisioned into the right teams with their respective user roles and have immediate access to the font assets (folders, font lists, web projects, and more) aligned with their creative projects.

To implement this feature, make sure that your SSO set up is configured to pass group information in its SAML assertion.


Creating a new mapping

Let’s take a look at how to create a new SSO mapping:

1. Begin by clicking on the SSO tab in the Manage section of your Monotype Fonts account.

SSO.png

2. Once in the SSO tab, click on the Create new button.

Create_new.png

3. In the Create SSO Mapping dialog, enter your SSO group name in the Tell us your SSO group field.

Create_SSO_Mapping.png

Important: Ensure you’ve checked the spelling thoroughly, as this is the name Monotype Fonts will match against the group name received from your active directory system.

4. Next, select the User Roles and Teams for users contained in this group from the drop-down menus.

Setting_up_teams.png

You can add users within a group to multiple teams by clicking on the + icon beside the drop-down menu(s).

A_M_SSOM_05_1.png

Your SSO mapping should now appear in the SSO mapping table.

SSO_Mapping_table.png

Modifying mappings

The SSO mapping table provides a view of groups mapped with teams, along with their roles and whether or not these mappings are in use. You can also find a list of Unmapped Groups below this table.

Note: Modifying the teams and roles assigned to a group will impact all users within that group.

1. Begin by clicking on the group name. This will open the Edit SSO Mapping dialog.

Edit_SSO_Mapping.png

2. In the Edit SSO Mapping dialog, use the User Role and/or Teams drop-down menus to make changes to the existing mapping.

Edit_SSO__team_roles.png

3. You can add users within a group to multiple teams by clicking on the + icon beside the drop-down menu(s).

Add_users_to_teams.png

Creating new mappings for unmapped groups

1. Begin by clicking on an unmapped group’s name. This will open the Create SSO Mapping dialog.

Create_SSO_mapping.png

2. In the Create SSO Mapping dialog, use the User Role or Teams drop-down menus to create the new mapping.

New_role_mapping.png

3. You can add users within a group to multiple teams by clicking on the + icon(s) beside the drop-down menu(s).

Add_user_to_team.png

Important information:

1. When a user logs into Monotype Fonts via SSO for the first time, their active directory group is compared with your list of SSO mappings. If a match is found, the user’s configuration is created or modified based upon the mapping(s) you’ve created. In the case of multiple matches, the first match takes effect.

2. In case a match is not found:

  • For new users, user configuration is mapped to a pre-existing mapping named “default." You may also choose to set one of your existing mappings as a default.

  • For existing users, no configuration changes are made.

  • In both cases, unrecognized groups are listed under Unmapped Groups, and their mappings can be modified using the steps outlined above.

3. In case a particular group’s mapping in Monotype Fonts or a user’s active directory group has been modified, their user configuration is updated accordingly at the next login. Sessions time out after eight hours, re-checking and, if necessary, updating user configuration upon each successive login.

4. Modifying teams and roles assigned to a group in Monotype Fonts will impact all users within that group.

5. Company admins cannot modify the roles or teams of users logging in via SSO and mapped to existing active directory groups.

6. To remove users from a group, please contact your IT/Systems Administrator.

Did this answer your question?