Consider the following before you configure and enable access authentication:

  • Enabling the access authentication service might affect the existing DNS service. Contact Infoblox Technical Support for assistance in enabling the access authentication service. Once the service is enabled, all users are redirected to the Access Authentication page for authentication before any DNS resolution can happen. Depending on what service is being synced, the administrator must have sufficient privileges to read Active Directory data.
  • The access authentication service is available on virtual on-prem hosts and BloxOne Infoblox Platform Endpoint only. The service is not supported on NIOS and physical B1-105 appliances.
  • Using Mozilla Firefox with IPv6 might cause connection issues when configuring access authentication. To fix the problem, disable IPv6 in Firefox.
  • Smart Redirect does not work when infoblox.com is included in the Internal Domains List.

...

  • You must successfully create an application for the authentication protocol in the respective third-party IdP that you plan to integrate with Infoblox Platform. For information about how to set up applications for different IdPs, refer to the respective vendor documentation.
  • Ensure that you have properly configured group and claim attributes for the respective application in the IdP. For SAML, the SAML 2.0 assertion must contain the "groups" attribute. For OpenID Connect, the ID Token must contain the "groups" claim. You can also use an optional claim that matches the ".*email" regex to display the username in the security reports.
  • Copy all the Service Provider details in the Create Authentication Profile dialog of the Infoblox Portal. From the Infoblox Portal, click Configure > Administration > Access Authentication > Add Configuration. Depending on the protocol you have chosen, copy the Entry ID and Assertion Consumer Service URL for SAML, and the Login Redirect URI for OpenID Connect. You can also download the metadata file for SAML to get all the required information. You need this information to create an application in the IdP.
  • From the IdP application, obtain the identity provider details, so you can enter the information to successfully create an authentication profile in Infoblox Platform. For SAML, obtain the Issuer, SSO URL, and Signing Certificate from the SAML application of your IdP. You can also use the metadata URL to get all the information in the XML file. For OpenID Connect, obtain the Client ID, Client Secret, and Issuer information from the OpenID Connect application.
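The following pre-flight check is an added example, not Infoblox code: it inspects an ID Token or SAML assertion captured from a test login at your own IdP and reports whether the required "groups" claim/attribute and an optional claim matching ".*email" are present. The function names, the sample token and assertion (constructed here), and the assumption that the regex must match the whole claim name are illustrative.

```python
import base64
import json
import re
import xml.etree.ElementTree as ET

SAML_ATTR = "{urn:oasis:names:tc:SAML:2.0:assertion}Attribute"
EMAIL_CLAIM = re.compile(r".*email")  # optional claim regex quoted on the page

def _report(attrs):
    """Summarise whether 'groups' and an optional email-style claim exist."""
    groups = attrs.get("groups") or []
    if isinstance(groups, str):  # normalise a single string value to a list
        groups = [groups]
    # Assumption: the pattern must match the whole claim name (fullmatch).
    emails = sorted(k for k in attrs if EMAIL_CLAIM.fullmatch(k))
    return {"has_groups": bool(groups), "groups": list(groups), "email_claims": emails}

def check_id_token(id_token):
    """Inspect ID Token claims only; the signature is NOT verified here."""
    parts = id_token.split(".")
    if len(parts) != 3:
        raise ValueError("expected header.payload.signature")
    payload = parts[1] + "=" * (-len(parts[1]) % 4)  # restore base64url padding
    return _report(json.loads(base64.urlsafe_b64decode(payload)))

def check_saml_assertion(xml_text):
    """Collect saml:Attribute names and values from an assertion you captured
    yourself. For untrusted XML, use a hardened parser such as defusedxml."""
    attrs = {}
    for attr in ET.fromstring(xml_text).iter(SAML_ATTR):
        attrs[attr.get("Name", "")] = [v.text for v in attr if v.text]
    return _report(attrs)

def make_sample_token(claims):
    """Constructed sample token with a placeholder signature, for offline tests."""
    enc = lambda o: base64.urlsafe_b64encode(json.dumps(o).encode()).rstrip(b"=").decode()
    return ".".join([enc({"alg": "RS256", "typ": "JWT"}), enc(claims), "c2lnbmF0dXJl"])

# Constructed sample assertion (attribute values are made up).
SAMPLE_ASSERTION = """<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
 <saml:AttributeStatement>
  <saml:Attribute Name="groups"><saml:AttributeValue>dns-users</saml:AttributeValue>
   <saml:AttributeValue>it-admins</saml:AttributeValue></saml:Attribute>
  <saml:Attribute Name="useremail">
   <saml:AttributeValue>alice@example.com</saml:AttributeValue></saml:Attribute>
 </saml:AttributeStatement></saml:Assertion>"""

if __name__ == "__main__":
    print(check_id_token(make_sample_token({"sub": "alice", "groups": ["dns-users"]})))
    print(check_saml_assertion(SAMPLE_ASSERTION))
```

A result with `has_groups` set to `False` means the IdP application still needs its group claim or attribute mapping configured before the authentication profile is created.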

...