The 3rd Party IDP page allows you to configure 3rd party IdP (identity provider) authentication for users with an email domain that matches the selected domain name. You can use the same IdP configuration to authenticate users from multiple domains, as long as the domains match the federated configuration. For more information, see Configuring IdP Authentication. The SSO Portal currently supports SAML2.0 standard compliant complaint IdP providers, including Okta, Azure AD, and ForgeRock.
| Warning | ||
|---|---|---|
| ||
| Information about configuring SAML federation described in this topic is relevant only to the BloxOne Infoblox Platform services configurable through the Cloud Services Infoblox Portal. This information is not applicable to NIOS or the NIOS Grid. For information about how to authenticate admins using SAML in NIOS, see Authenticating Admins through SAML for NIOS 8.5 and and /wiki/spaces/nios84/pages/44964771. |
| Note | ||
|---|---|---|
| ||
If MFA (multi-factor authentication) is already activated for the selected domain, you cannot activate the 3rd party IdP until you have deactivated MFA for that domain. |
...
- Configuring IdP Authentication
- Generate audience keys
- Create a SAML 2.0 Application for OKTA
or
Create a SAML 2.0 Application for Azure AD
or
Create SAML 2.0 Federation for ForgeRock - Map IdP user groups to CSP Infoblox Portal user groups (optional)
- Test 3rd party IdP authentication
- Activate 3rd party IdP authentication
...