Help Center

Access management

In BlueConic, all access-related functionality is grouped together under a single Access Management option through the BlueConic settings menu. When you click BlueConic settings > Access management, the following tabs appear within a horizontal bar at the top (underneath the main navigation bar):



  • The Access management option is only available to user roles with "Access management" enabled through the Roles tab. In addition, only tabs enabled for a user's role are shown in the horizontal bar; for instance, someone with the Content Manager user role might have access to the Users tab but not to the Single Sign-On (SSO) tab.
  • Upon clicking the Access management option, you are directed to the first available tab. For example, if you have access to “Roles” but not “Users,” then the Roles tab is the first available.
  • If you only have access to one Access management tab, then the Access management option in the BlueConic settings menu is relabeled with the name of that one tab.

For more information, review the article Managing Roles and User Permissions in BlueConic.


The Users tab lists all users authorized to log in to BlueConic. From here, you can view more information on each individual user and adjust their settings, including the roles they're assigned to and the domains they have write access to. You can also add and remove users through this tab.

For more details on this tab, review the article Adding, modifying, and deleting users.


The Roles tab lists all user roles available in BlueConic and the specific BlueConic functions they have permission to access. For instance, AI Workbench is enabled for all users in the Application Manager role. From this tab, you can view and update the specific permissions for each role, as well as grant them access to PII (personally identifiable information) in your tenant.

For more details on this tab, review the article BlueConic Roles.


Implemented as part of the OAuth 2.0 authorization framework, the Applications tab lists all external, third-party applications that your organization has authorized to connect with BlueConic using BlueConic public REST APIs. From this tab, you can add new applications and manage the settings and information for your existing applications.

For more details on this tab, review the article Applications: Authorizing external applications to access BlueConic.

Single Sign-On (SSO)

The Single Sign-On (SSO) tab includes one setting to enable or disable the SSO feature giving users access to BlueConic using your organization's SSO provider. When this setting is enabled, several fields display to input information that BlueConic needs for setup from your SSO provider.

For more details on this tab, review the article Using single sign-on (SSO) with BlueConic.

Access based on IP address

Through the Access based on IP address tab, you can restrict access to the BlueConic management UI and API to only users in a certain range of IP addresses, such as your organization's network. If you select the option to allow only certain IP addresses, make sure to include your own IP address on the IP allow list (formerly referred to as a 'whitelist'). When you save these settings, active BlueConic user sessions will be blocked to users outside the IP ranges you specify.

How to limit access to BlueConic CDP to white list of IPs to use only authorized users for an IP range or range of IP addresses at my site

Note: If you set up one or more BlueConic API Access connections, these connections and the specific API access they govern are also affected by this limitation.

Tip: If your site uses an IP-masking platform such as Zscaler, review our tips about automatic logouts for further information.

BlueConic Support access

The BlueConic Support access tab includes one setting to define whether or not BlueConic Support can access your overall tenant. By default, BlueConic Support employees do not have any access to your tenant, but through this tab, you can permit all Support employees or just specific employees to have this access.

For more details on this tab, review the article Allowing BlueConic Customer Success to access your environment.

Was this article helpful?
0 out of 0 found this helpful