Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 5 Next »

The 3rd Party IDP page allows you to configure 3rd party IdP (identity provider) authentication for users with an email domain that matches the selected domain name. You can use the same IdP configuration to authenticate users from multiple domains, as long as the domains match the federated configuration. For more information, see Configuring IdP Authentication. The SSO Portal currently supports SAML2.0 standard compliant IdP providers, including Okta, Azure AD, and ForgeRock.

Important Note

Information about configuring SAML federation described in this topic is relevant only to the BloxOne services configurable through the Cloud Services Portal. This information is not applicable to NIOS or the NIOS Grid. For information about how to authenticate admins using SAML in NIOS, see Authenticating Admins through SAML for NIOS 8.5 and /wiki/spaces/nios84/pages/44964771.

Note

If MFA (multi-factor authentication) is already activated for the selected domain, you cannot activate the 3rd party IdP until you have deactivated MFA for that domain.

To configure 3rd party IdP settings, complete the following:

  1. Configuring IdP Authentication
  2. Generate audience keys
  3. Create a SAML 2.0 Application for OKTA
    or
    Create a SAML 2.0 Application for Azure AD
    or
    Create SAML 2.0 Federation for ForgeRock
  4. Map IdP user groups to CSP user groups (optional)
  5. Test 3rd party IdP authentication
  6. Activate 3rd party IdP authentication

You can also perform the following after you set up 3rd party IdP authentication:

  • No labels