This article explains how SSO login works for non-BlueDolphin users in the Process Portal and the Legacy Process Portal.
When a user accesses the Process Portal, the system follows the standard BlueDolphin authentication flow.
Two scenarios are possible:
The user exists in BlueDolphin and has an assigned role.
When a User Does Not Exist or has no roles in BlueDolphin.
When the user exists with a role in BlueDolphin
The IDP checks if the user is allowed to access BlueDolphin based on the customer’s configured access groups on the customer IDPs.
When the user is not allowed, BlueDolphin denies the request, else BlueDolphin reads the user’s assigned roles. BlueDolphin reads the user’s assigned roles.
You can see which users are active by going to Admin > Users. Here, you can also see which users have roles assigned to them.
If roles exist, the system applies them immediately.
If no roles exist, the user is treated as a guest user. If you are an administrator and you want to invite guests to your tenant, you can add users without a role. If a user doesn't have a role, they are a guest user.
A guest user can only see the processes available in the Process portal or the legacy process publication portal.
Refer to the Access the Process Portal section in the article.
When a User Does Not Exist or Has No Roles in BlueDolphin
The IdP verifies whether the user is allowed to access BlueDolphin based on the customer’s configured access groups.
If a guest user (a user without an assigned role) logs in, the following screen appears.
URL to access the Process portal for non-registered users is BlueDolphin
You can contact your administrator if you want to be granted a role to be able to work in the BlueDolphin tenant. If you want to go to the process publication portal, click the button Go to official processes.
NOTE: SCIM usually configures user access based on the IDP access groups. When SCIM has been set up to use the same access groups as the IDP, all users will be created in BlueDolphin. When a certain group only needs official process access, do not assign group-role mapping in SCIM for that access group.
Access the Process Portal
All authenticated organizational users (via SSO) can enter the Process Portal, even without a BlueDolphin license.
The available entry points depend on which process add-on(s) your organization is using:
If your organization uses Legacy Process Portal (Official diagrams)
Users can access official processes as follows:
Bookmarks
Legacy BPMN bookmarks open the Official Process Portal: BlueDolphin
Direct URL to the Legacy BPMN Portal: BlueDolphin
This takes users directly to the Official (Legacy BPMN) process view.
Generic Login URL (/login)
If users log in without coming from a bookmark or specific route and using BlueDolphin
(e.g., the Legacy Process Portal or the general BlueDolphin homepage — whichever applies)
If your organization uses Process Portal (Published diagrams)
Users can access published processes using:
Bookmarks
BlueDolphin Bookmarks created from BPMN 2.0 diagrams always reopen in the BPMN 2.0 Process Portal.
Direct BPMN 2.0 Portal URL
BlueDolphin: Always opens the BPMN 2.0 portal.
Generic Login URL (/login)
If users log in without context: BlueDolphin
If your organization has both the Legacy process portal and the process portal enabled
In this configuration, both routes remain active, and you may land in different versions of the portal depending on how you access it.
Bookmarks
A Legacy BPMN bookmark → opens the Legacy process Portal
A BPMN 2.0 bookmark → opens the process Portal
Bookmarks always open the original format. No cross-redirection occurs.
Direct Portal URLs
Route A → Legacy process Portal
Route B → BPMN process Portal
Both URLs remain active for backward compatibility.
Generic Login URL (/login)
When users log in without coming from a bookmark or specific portal route: BlueDolphin