SAML is a language/system that allows access to multiple different web applications using one set of login credentials. This allows more secure access, clearer visibility of access by users, and easier controls to manage access.
Various providers offer Single-Sign-On (SSO) access, including the following that Chameleon supports:
Google OAuth
Okta
Azure AD
Microsoft AD
OneLogin
VMware Workspace ONE
Logging into Chameleon via Google OAuth is available to all customers and can be initiated from the login page. In addition, account Admins can restrict access to be via Google only to provide extra security. This can be configured from the Rights page in your Chameleon dashboard.
All other providers via SSO + SAML (e.g. Okta) require some custom configuration and are available as a paid add-on. You can learn more about Chameleon's pricing plans here.
If you are interested in using SSO with Chameleon please email us or speak with your account manager:
SSO Configuration
A member of the Chameleon team will generate a link for your SSO Admin to visit, fill out, and quickly configure SSO for your Chameleon account.
Setting up SSO to work with Roles
For customers on an Enterprise plan or who have access to Roles an Permissions (RBAC), you can configure your teammates to have Admin, Viewer, Creator, Publisher, Designer, Engineer roles. These allow fine grained control over the workflows within Chameleon. With SSO you can configure your users to automatically receive the ir Chameleon roles via the custom property called roles
. The roles
field is formatted as a comma separated list of the roles you want the user to have.
Some common combinations of Roles and the value that should be set into the custom field in your SSO provider are as follows:
Admin: admin
Viewer: viewer
Creator + Designer: team_creator,team_designer
Engineer: team_engineer
Publisher: team_publisher
Note that Admin and Viewer are used alone but the team_*
prefixed Roles can be used in any combinations.