AM

Access Management & SSO

Create identities (manually, CSV file, or authoritative source)

Description

You need to register the identities to manage and protect them. This wizard allows you to choose the easiest way to do it.

Step-by-step

1. First, you must select one option to register the identities. Soffid allows you three options.

image-1677151715487.png

2. You must follow the  steps, depending on the selected option:

2.1. Load from a CSV file: this option allows you to load identities from a CSV file.

2.1.1. First of all, you need to pick up the CSV file.

image-1677151980079.png

2.1.2. Second, Soffid will display the file data to check contents

image-1677152756166.png

2.1.3. Then you must select the proper mapping for each CSV file column. And finally, click the Import Button and Soffid will add the identities to the platform.

image-1677152797214.png

2.1.4. Soffid will display the result of the process.

image-1677152920695.png

2.2. Configure an authoritative data source to always have up-to-date information: this option allows you to configure an Active Directory agent, or a Relational database agent to load the identities.

Once the process will finish, you could check the new agent on the agent's page Main Menu > Administration > Configuration > Integration engine > Agents

For more information about the agents, you can visit the Agents page.

image-1677152049535.png

2.2.1. Active Directory

image-1685436631243.png

2.2.2. Relational database (SQL)

image-1685436774882.png

2.3. Register them manually: this option browses to the User page to register the identities manually

image-1677153597024.png


Add applications

Description

This wizard allows you to add a new Service Provider, that is, to configure an application that relies on an Identity Provider (IdP) to authenticate users and provide access to its services.

Step-by-step

1. Once you select the Add application option, Soffid will display the wizard to register the Identity Provider, if it does not exist previously.

image-1706615738719.png

2. You must select the application you want to add.

image-1678779815350.png

2.1. Soffid app:

2.1.1. The Finish step will be displayed.

image-1678779871340.png

2.1.1. If you click the Finish button, Soffid will display the Service Provider page.

image-1677671303079.png

2.2. AWS app:

2.2.1 Soffid will download the proper certificate.

image-1677672235598.png

2.2.2 Once, you download the certificate, Soffid will display the Configure application step. You must follow the indicated steps at this point and click the Next button.

image-1677672319865.png

2.2.2 Then, you must upload the metadata of your service provider and click the Finish button.

image-1677672438056.png

2.3. Google workplace app:

2.3.1 Soffid will download the proper certificate.

image-1677672235598.png

2.3.2 Once, you download the certificate, Soffid will display the Configure application step. You must follow the indicated steps at this point, fill in the Domain, and click the Next button.

image-1677682975815.png


2.3.3 Then, you must click the Finish button.

image-1677683080657.png

2.3.4 Finally, Soffid will browse to the Service Provider page where you can finish the Service provider configuration.

image-1677683851230.png

2.4. Microsoft 365 app:

2.4.1.  When you select this option, Soffid will display the Configure application step. You must follow the indicated steps at this point, and click the Next button.

image-1677683934770.png

2.4.2 Then, you must click the Finish button.

image-1677683080657.png

2.4.3 Finally, Soffid will browse to the Service Provider page where you can finish the Service provider configuration.

image-1677684047850.png

2.5. OpenID app:

2.5.1.  When you select this option, Soffid will display the Configure application step. You must configure your Service Provider, and click the Next button.

image-1677684651700.png

2.5.2.  Then Soffid will return you the Client id and Client secret

image-1677684676985.png

2.5.3 Then, you must click the Finish button.

image-1677683080657.png

2.5.4 Finally, Soffid will browse to the Service Provider page where you can finish the Service provider configuration.

image-1677684869231.png

2.6. SAML 2.0 app: 

2.6.1 Soffid will download the metadata XML file.

image-1677686059860.png

2.5.2 Once, you download the metadata file, Soffid will display the steps to follow.

image-1677686120040.png

2.5.3 Then, you have to upload the metadata file generated by the Service Provider 

image-1677686216222.png


Create MFA policies

Description

This wizard will help you to configure multi-factor authentication in order to expand security. This process requires users to provide two or more forms of identification before being granted access to a system or application.

For more information, you can visit the Two-factor authentication (2FA) book.

Step-by-step

1. Frist, you must select the authentication factor to use

image-1677146953516.png

2. Second, you must select the delivery method to use. If you select the second option, you have to select the users to whom the instructions will be sent.

image-1677147051712.png

3. Next, you must select which users will have the second authentication factor activated.

image-1677147755823.png

3. Finally, the changes will be applied and the process will be finished.

image-1677147905326.png

Create adaptive authentication rules

Description

Adaptive authentication rules are a set of security policies and mechanisms that adjust authentication requirements. These rules determine the strength of authentication required for each user, based on factors such as their location, device, past login behavior, and other risk indicators.

For more information, you can visit the Condition for Adaptive authentication page.

Step-by-step

1. Frist, you must select the Create adaptive authentication rules and then click the Ok button.

image-1678097740662.png

2. Then, Soffid will browse to the Adaptive authentication window, where you could configure it

image-1678098184254.png