Skip to main content
Version: 11.x

Users & Groups

Every person who accesses a Smartsign Server needs a user identity (Smartsign ID) to log in and use the system.
Depending on the user type, they may also need to belong to a group, which defines what resources they can access and what actions they can perform.

User and group management allows administrators to control access to screens, channels, media, and other Smartsign resources efficiently and securely.

Smartsign identity

Smartsign Identity is our own identity provider that handles user login and authentication. It’s built on standard protocols such as OpenID Connect and OAuth 2.0, ensuring secure and compatible access across systems.

It manages authentication for all our products — both in the cloud and for on-premises installations, where it runs as an integrated component alongside the server.

It also supports federation with external identity providers, such as Microsoft Entra, allowing users to log in using their existing organizational accounts.

User requirements

To ensure secure access and proper account management, all Smartsign Identity users must meet the following requirements:

  • Valid email address – Each user account must be associated with a valid email address.
  • Email verification – All email addresses are verified during account setup.
  • Password complexity – Strong password rules are enforced to maintain account security.
  • Two-Factor Authentication (2FA) – 2FA is enabled by default for all users, providing an additional layer of protection.

If you choose to use an external provider, authentication is performed by that party and your configuration/policy with them will dictate if and how Two-Factor authentication is performed.

User Access Types and Profiles

Smartsign uses access types and user profiles to define what users can see and do within the system. Access types determine the overall scope of a user’s permissions, while profiles define what actions they can perform.

Access Types control whether a user manages only assigned resource (Group Access), the entire site (Site Access), or the full server configuration (Server Admin).

User Profiles — such as Site Owner, Group Admin, and Publisher — define specific roles and responsibilities within that scope.

For a detailed explanation of each access type and profile, see the User types and profiles article.