  1. Log in to the Infoblox SSO Portal at https://sso.infoblox.com/.
  2. On the 3rd Party IDP page of the Infoblox SSO Portal, go to the Map Groups section.
  3. From the Region drop-down menu, choose EU to map user groups in the EU region, or choose US to map them in the US region. The SSO portal displays all regions by default.

  4. In the respective region, click Add, and then enter the IdP group name or the Azure group ID in the text box:
    • IDP USER GROUP: For Okta federation.

    • AZURE GROUP ID: For Azure AD federation.

      Note: Ensure that you enter the IdP group name or Azure group ID that you have configured in your SAML application. You can find the IdP group name or ID at your IdP. Azure AD sends only each group's Azure group ID in the SAML assertion. Therefore, IdP group names are not used when federating with Azure AD.

      The following restrictions apply to the IdP group names:

      • The name cannot be empty.
      • The length must be less than or equal to 253 characters.
      • Valid characters include the following: a-z, A-Z, 0-9, -, .
      • Must begin with an alphanumeric character.
      • Must end with an alphanumeric character.
        If your IdP group names do not meet the above restrictions, you will receive an error when you try to add the group mapping entries.
  5. From the BloxOne USER GROUP drop-down list, choose the BloxOne user group to map to the respective IdP user group or Azure group ID. You can also use the search option by entering the name of the BloxOne user group to find a match. Repeat this process for each IdP group or Azure group ID as necessary to create multiple mappings. You can map multiple IdP groups to a single BloxOne user group.
    For example, if you map an IdP user group "idp-group" to a BloxOne user group "ib-ddi-admin", any user who signs in to the Cloud Services Portal and belongs to the "idp-group" group will automatically be added to the "ib-ddi-admin" group.
  6. Click Save to save the mappings.
  7. After you have configured the SAML application and mapped user groups, you can complete the following configuration:
    1. Testing 3rd Party IdP Authentication
    2. Activating 3rd Party IdP Authentication

    You can also perform the following after you set up 3rd party IdP authentication:
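
A pre-check for steps 4 and 5, added here as an example (it is not Infoblox code and does not call the SSO Portal): it tests planned IdP group names against the restrictions listed in step 4 and inverts the mapping so that every IdP group granting a given BloxOne user group can be reviewed before you click Save. The sample plan is constructed; `ib-readonly` and every IdP group name other than `idp-group` are hypothetical.

```python
import re
from collections import defaultdict

MAX_LEN = 253  # step 4: length must be less than or equal to 253 characters
ALLOWED = re.compile(r"[A-Za-z0-9.-]")  # step 4: a-z, A-Z, 0-9, -, .


def name_violations(name):
    """Return the restrictions an IdP group name breaks (empty list = valid)."""
    if name == "":
        return ["name is empty"]
    problems = []
    if len(name) > MAX_LEN:
        problems.append(f"length {len(name)} exceeds {MAX_LEN}")
    bad = sorted({ch for ch in name if not ALLOWED.fullmatch(ch)})
    if bad:
        problems.append("invalid characters: " + " ".join(repr(c) for c in bad))
    if not (name[0].isascii() and name[0].isalnum()):
        problems.append("must begin with an alphanumeric character")
    if not (name[-1].isascii() and name[-1].isalnum()):
        problems.append("must end with an alphanumeric character")
    return problems


def review_mappings(mappings):
    """Return (rejected names, BloxOne group -> IdP groups that grant it)."""
    rejected = {}
    grants = defaultdict(list)
    for idp_group, bloxone_group in mappings:
        problems = name_violations(idp_group)
        if problems:
            rejected[idp_group] = problems
        else:
            grants[bloxone_group].append(idp_group)
    return rejected, dict(grants)


# Constructed sample plan; only "idp-group" and "ib-ddi-admin" appear on the page.
PLAN = [
    ("idp-group", "ib-ddi-admin"),
    ("net.ops-emea", "ib-ddi-admin"),
    ("DNS Admins", "ib-ddi-admin"),
    ("-contractors", "ib-readonly"),
    ("helpdesk_", "ib-readonly"),
]

if __name__ == "__main__":
    rejected, grants = review_mappings(PLAN)
    print("rejected:", rejected, "\ngranting:", grants)
```

Names reported as rejected would trigger the portal error described in step 4; the inverse map is the list to check against who should actually hold each BloxOne role.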