The system allows configuring multiple identity providers in a single system (or in a tenant in case of multi-tenant deployment). For a user to log into the system, must have at least one of the identity providers enabled. Identity providers are configured through the roles/permissions for the users.
By default, all roles have the Database Credentials and Integrated Windows Authentication options are enabled. System administrators can add new identity providers and change the default settings by updating the role configuration.
Adding a new identity provider
To add a new identity provider, follow the steps below:
Step 1 - On the web interface go to System / Security / Identity Providers menu option.
Step 2 - Click on the Add New Identity Provider link on the top right.
Step 3 - Add a Name and select the Type.
Step 4 - Configure the parameters depending on the selected type.
Integrated Windows Authentication configuration
Windows Active Directory (LDAP) configuration
Windows Active Directory Federation Services (ADFS) configuration
Azure Active Directory (AAD) configuration
Step 5 - Press Save to add the new identity provider. Once the identity provider is added, it is available under the role configuration.
Assigning identity providers to users
To assign one or more identity providers to users, follow the steps below:
Step 1 - On the web interface go to Users / Administration / Roles menu option.
Step 2 - Click on one of the existing roles in the list to create a new one by clicking on the Add New Role link on the top right.
Step 3 - Under Regular User Permissions / Application Access, select an item from the Available Identity Providers list box and click on the
button to add the item to the Associated Identity Providers list.Step 4 - Press Save to change the configuration settings of the role. The new settings will be applied once the users with the configured role will try to login again.