This document provides detailed information on how predefined groups from SSO are mapped to global and project-level roles in BrowserStack Code Quality. This mapping facilitates role-based access control within BrowserStack Code Quality through Single Sign-On (SSO) integration.

Providing Group Name Attribute

To successfully map groups, you must provide the group name attribute. This attribute is used to identify and map the appropriate SSO group to its corresponding role in BrowserStack Code Quality.

Global Roles Mapping

Predefined SSO Groups and Corresponding Global Roles

  1. code_quality_account_admin
    • BrowserStack Role: Account Administrator
    • Description: Users with this role have administrative access to the entire BrowserStack Code Quality account.
  2. code_quality_project_admin
    • BrowserStack Role: Project Administrator
    • Description: Users with this role can administer specific projects within the BrowserStack Code Quality environment.
  3. code_quality_user_admin
    • BrowserStack Role: User Administrator
    • Description: Users with this role can manage user access and permissions within BrowserStack Code Quality.

Project-Level Roles Mapping

Predefined SSO Groups and Corresponding Project-Level Roles

  1. code_quality_manager_{project_name}
    • BrowserStack Role: Project Manager
    • Description: Users with this role can manage all aspects of the specified project.
    • Example: code_quality_manager_PROJECTA
  2. code_quality_analyser_{project_name}
    • BrowserStack Role: Project Analyzer
    • Description: Users with this role can scan , analyze and review code quality within the specified project.
    • Example: code_quality_analyser_PROJECTA
  3. code_quality_explorer_{project_name}
    • BrowserStack Role: Project Explorer
    • Description: Users with this role can explore and view project details within the specified project.
    • Example: code_quality_explorer_PROJECTA

Configuration Options

Group Prefix Configuration

Global roles and project roles can be configured individually with SSO groups by enabling or disabling the “Group Prefix”.

  • Enable Group Prefix: When enabled, the group prefix along with the project name will be mapped to SSO groups.
  • Disable Group Prefix: When disabled, any group you specify will directly map to the corresponding role without needing the prefix.

Example Configuration

  • If enablegroupprefix is set to false:
    • Direct mapping of SSO groups to roles.
  • If enablegroupprefix is set to true: