Managing Access Authentication

Infoblox Platform provides an access authentication service that you use to authenticate users through a captive portal using third-party IdP (Identity Provider) federation and creating security policies based on user groups. The access authentication feature allows you to integrate third-party IdP federations, using LDAP, SAML or OpenID Connect, and create authentication profiles that you associate with hosts. You can also synchronize user groups from your chosen IdPs, so you can build security policies based on user groups from Microsoft Azure AD, Okta, and OpenAM.

Before you configure access authentication, ensure that you understand the prerequisites for configuring applications in the IdPs and other considerations. For information, see Prerequisites for Configuring Access Authentication.

When you are ready to configure access authentication, ensure that you follow all the steps described in Setting Up Access Authentication.

The Configure > Administration > Access Authentication page displays the following information for the authentication profiles you have configured:

• NAME: The name of the authentication profile.
• DESCRIPTION: The description of the authentication profile.
• TYPE: The authentication protocol for the profile.
• AVAILABILITY: Indicates whether the profile is Enabled or Disabled. An enabled profile is available for user authentication and user group synchronization. To enable authentication, toggle the MS AD Collector on the Host Editor page to the enabled position. At least one host is required in order to perform MS AD User Groups Collection. It is possible to sign out after having signing in prior to when the TTL expires. When navigating to the captive portal domain it will show the Log Out button.

You can also perform the following in this tab:

• Select the columns you want to display or use the arrow keys to reorder the columns.

• Click  the Edit menu > Edit to modify the selected authentication profile. You can also choose the respective authentication profile and click Edit.

• Click the Edit menu > Remove to delete the selected authentication profile. You can also choose the respective authentication profile and click Remove.

• Select an authentication profile to view additional details in the right panel. You can collapse the right panel by clicking the information icon on the upper right corner.

• Enter the value that you want to search in the Search text box. The Infoblox Portal displays the list of records that match the keyword in the text box.

For more information about access authentication, see the following:

• Prerequisites for Configuring Access Authentication
• Setting Up Access Authentication
• Configuring Authentication Profiles
• Associating Authentication Profiles with Servers
• Configuring Authentication Settings
• Synchronizing User Groups
• Configuring Authentication Modes