Structured Content 2022: Join our conference to explore fresh perspectives on content and digital experiences →
Skip to content
Sanity
Get started
  • Sanity Studio - Flexible editing environment
  • Content Lake - Real-time database
  • Developer experience - Tooling you love
  • Structured content - The philosophy behind Sanity
  • Review changes - View edits & rollback instantly
  • Image pipeline - On-demand transformations
  • E-commerce - Better shopping experiences
  • Marketing sites - Control your story
  • Products & services - Innovate and automate
  • Mobile apps - Content backend for every OS
  • Morning Brew - Omnichannel media distribution
  • InVision - Delivering exceptional customer experiences
  • DataStax - Personalization for global audience
  • Cloudflare - Flexible modeling for a global CDN
  • React
  • Gatsby
  • Next
  • Nuxt
  • Eleventy
  • Netlify
  • Vercel
  • Algolia
  • Documentation
  • Reference
  • Guides
  • Tools & plugins
  • Project showcase
  • Schemas & snippets
  • Technology partners
  • Get support
  • Share your work
  • Migrating the Netlify Blog from Hugo to Eleventy using Sanity
PricingContact salesLog inGet started
NEWS · November 10th 2021

Upgraded access control: SAML support & easier role management

Sanity releases SAML SSO support and makes administering roles available in the management interface.

Marcus Sarmento

Marcus is Head of Product Marketing at Sanity

Today, we’re releasing two new features that will make it easier to control access to Sanity and the actions users can take inside Sanity Studio.

First, we’re releasing expanded support for single sign-on (SSO) using the Security Assertion Markup Language (SAML) standard for Business and Enterprise plans.

Second, you can now administer and configure roles in the management interface. Customers on all plans have the ability to assign roles for the users in their projects, and Enterprise customers have the added ability to create custom roles and configure granular permissions against content edited within the Studio.

Together, these two releases provide better security and easier administration for your teams.

SAML support

A key way to improve security and compliance efforts is to enable Single Sign-On (SSO) for your organization. Not only does using SSO allow better access control and help maintain compliance, but it makes managing large groups of users a lot easier and provides a more streamlined experience for your team. Sanity has offered Custom SSO to clients on Enterprise plans for some time, letting you connect to your own custom logic solutions like Active Directory or Kerberos.

Starting today, customers on the Business and Enterprise plans can use the SAML standard to log into Sanity. SAML is one of the most widely used ways of exchanging credentials between identity providers (like Okta, Google, etc.), which means more of our community will be able to take advantage of SSO on Sanity.

To learn how to set up SAML in Sanity Studio, check out our docs. In a few easy steps, you can get SAML configured on all Business and Enterprise projects you choose.

Enhanced role management

Earlier this year we announced a revamped roles API, and introduced new roles for assignment (depending on your plan) that addressed most of the use cases for content control. That release also included a new version of Sanity Studio that had built-in detection of roles, which automatically controlled access and actions users could take.

Today, we’ve added support in our management interface for managing users and roles, defining custom roles (Enterprise plan feature), and specifying which roles can access specific content within datasets (Enterprise plan feature). That means it’s easier than ever to quickly create and change permissions for individuals or groups with just a few clicks.

To manage roles for a user, navigate to the Members tab, find the user you want to update, and simply choose the new role in the dropdown.

Defining custom roles (Enterprise plan feature) is straightforward too! Just go to the Access tab and click Create new role.

You’ll be asked to name the new role (Marketing Team) and specify which resources and actions this role should have access to. In addition to choosing individual datasets, you now have the ability to tag multiple datasets and grant or remove access to the tag, letting you further simplify role configuration across your team. For example, you may want to have consistent permissions for all datasets that store development, staging, or production content. Appending a dev, staging, or prod tag to the appropriate datasets keeps permissions in sync as long as the tag is enabled.

For more information about how to administer roles in the management interface, check out our docs.

Bonus use case for Enterprise customers

With these two releases, our Enterprise customers can now automatically assign new users who authenticate via SAML SSO to a previously created custom role. For example, you can give all new team members view-only permissions to start, and easily update the default role or an individual team member’s role down the road to help mitigate risk.

We hope you enjoy the added security and convenience of our improved access control features which make logging into Sanity and defining actions a user can take a whole lot easier.

Page content

  • SAML support
  • Enhanced role management
  • Bonus use case for Enterprise customers

Platform

Structured ContentDeveloper experienceContent LakeSanity StudioSecurity & Compliance

Resources

Documentation
  • Content Modeling
  • React Blog
  • Gatsby Blog
  • Next.js Landing Pages
  • Progressive Web Application
  • Single Page Application
  • Svelte & Typescript App
  • Vue & Tailwind Blog
  • Developer Portfolio Templates
  • Form validation with Yup
  • Live Preview with Next.js and Sanity.io
  • React Starters
  • Next.js Starters
  • Next.js Landing Pages
  • Next.js E-commerce
  • Gatsby Starters
  • Gatsby Plugins
  • Developer Portfolio Templates
Case Studies
  • Headless CMS
  • Digital Experience Platform
  • Static Site Generator
  • Localization
  • GraphQL vs REST
  • React CMS
  • Next.JS CMS
  • Gatsby CMS
  • Node CMS
  • E-commerce CMS
  • Vue CMS
  • Angular CMS
  • GraphQL CMS
  • Newspaper CMS
  • Magazine CMS

Company

Contact SalesEnterpriseCareersTerms of Service

Stay connected

  • Github
  • Slack
  • Twitter
  • YouTube
  • Stack Overflow
  • Blog RSS

Subscribe to our newsletter

©Sanity 2022