Enterprise Admin | PixieBrix Docs

Last updated 4 months ago

Was this helpful?

This Enterprise Admin Quick Start Guide covers the steps to:

Part 1: Enable Team Access to PixieBrix
Part 2: Provision PixieBrix at scale

Part 1: Enable Team Access to PixieBrix

Visit:
On the login screen, authenticate with your preferred provider
- Google
- Microsoft (including Azure Active Directory)
- Email — sends a login link to your email

Troubleshooting

Step 2: Create/Configure a Team

In the Admin Console, click Create Team and provide a team name
Select Settings in the left side nav
Configure the Team scope and default role:
- Team scope: a unique account alias to namespace your team’s mods and bricks. The scope cannot be changed once your team has created a mod
- Default role: the default role for users automatically provisioned to your team

Step 3: Ensure Team Member Access/Authentication

Ensure your team members can access PixieBrix using your preferred authentication method:

Google/Microsoft (OpenID)
Account Login Emails (aka Magic Links)
SAML/SSO

If running a pilot/POC, we recommend starting with Google, Microsoft, or Email login to get your team up and running quickly.

Step 3a: Allowlist PixieBrix for Google or Microsoft OpenID Authentication

Allowlisting Login with Google/Microsoft required Admin Access to your Microsoft Azure and/or Google Workspace account

Allowlisting PixieBrix emails requires Admin Access to your Email Provider

Allowlist the PixieBrix system email IP addresses
Allowlist the PixieBrix email domain

Step 3c: Configure SAML/SSO

Configuring SAML/SSO requires Admin Access to your Identity Provider (IdP)

Step 4: Allowlist Outgoing Browser Extension Traffic to PixieBrix in the Network Firewall

Allowlisting traffic requires Admin Access to your Network Firewall

Step 5: Allowlist the PixieBrix Chrome Browser Extension

This step requires Admin Access to your Enterprise Device Management policies

Part 2: Provision PixieBrix at Scale

This step requires Admin Access to your Enterprise Device Management policies

Step 6: Set up Automatic User Provisioning for your Domain

Step 7: Force-install the PixieBrix Browser Extension

Force-install the browser extension
Configure the Browser Extension Policy

Step 8: Create a Group for Group-Based Access Control

Click the Groups menu item in the left side nav
Create a Group
Add group members in one of the following ways:
- Upload a CSV in the Admin Console

Step 9: Enable SAML/SSO

Configuring SAML/SSO requires Admin Access to your Identity Provider (IdP)

Last updated 4 months ago

Was this helpful?

Part 1: Enable Team Access to PixieBrix

Step 1: Sign up for PixieBrix

Troubleshooting

Step 2: Create/Configure a Team

Step 3: Ensure Team Member Access/Authentication

Step 3a: Allowlist PixieBrix for Google or Microsoft OpenID Authentication

Step 3b: Allowlist PixieBrix account login emails (aka Magic Links)

Step 3c: Configure SAML/SSO

Step 4: Allowlist Outgoing Browser Extension Traffic to PixieBrix in the Network Firewall

Step 5: Allowlist the PixieBrix Chrome Browser Extension

Part 2: Provision PixieBrix at Scale

Step 6: Set up Automatic User Provisioning for your Domain

Step 7: Force-install the PixieBrix Browser Extension

Step 8: Create a Group for Group-Based Access Control

Step 9: Enable SAML/SSO

Part 1: Enable Team Access to PixieBrix

Step 1: Sign up for PixieBrix

Troubleshooting

Step 2: Create/Configure a Team

Step 3: Ensure Team Member Access/Authentication

Step 3a: Allowlist PixieBrix for Google or Microsoft OpenID Authentication

Step 3b: Allowlist PixieBrix account login emails (aka Magic Links)

Step 3c: Configure SAML/SSO

Step 4: Allowlist Outgoing Browser Extension Traffic to PixieBrix in the Network Firewall

Step 5: Allowlist the PixieBrix Chrome Browser Extension

Part 2: Provision PixieBrix at Scale

Step 6: Set up Automatic User Provisioning for your Domain

Step 7: Force-install the PixieBrix Browser Extension

Step 8: Create a Group for Group-Based Access Control

Step 9: Enable SAML/SSO