
Identity Provider

Description

An identity provider (abbreviated IdP or IDP) is a system entity that creates, maintains, and manages identity information for principals and also provides authentication services to relying applications within a federation or distributed network.

An Identity Provider is responsible for identifying users. It is also responsible for giving service providers information regarding the identified user.

To create an identity provider, it is advisable to install a dedicated sync server. It can be configured as a proxy sync server, as it does not need direct access to the Soffid database. Instead, it will connect to the main sync server to get users and federation information.

For more information about how to configure a dedicated sync server, you can visit the Install Sync server page.

Screen overview

&&TODO&&

Standard attributes

Identification

These fields are common regardless of the IdP type you select.

  • IdP type: identifies the identity provider type. Currently there are six types:
    • Soffid IdP: identifies the identity provider implemented by Soffid. Soffid IdP implements both OpenID-Connect and SAML.
    • External SAML IdP: is used for identity providers not implemented by Soffid. For instance, it could be an ADFS (Active Directory Federation Services) or Shibboleth identity provider.
    • OpenID-Connect: is used for third-party identity providers, like ADFS.
    • Facebook: if you select that option, OAuth2 will be used to identify Facebook users. You will need to register Soffid as a Facebook application to use it.
    • Google: if you select that option, OpenID-Connect will be used to identify Google users. You will need to register Soffid as a Google application to use it.
    • Linkedin: if you select that option, OAuth2 will be used to identify LinkedIn users. You will need to register Soffid as a LinkedIn application to use it.
  • publicID: unique name to identify the identity provider.
  • Name: friendly user name.
  • Organization: company name of the external IdP.
  • Contact: email address of the external IdP.

The fields for each IdP type are detailed below:

Soffid IdP

{{@394}}

External SAML IdP

{{@404}}

OpenID-Connect

{{@405}}

Facebook

{{@406}}

Google

{{@407}}

Linkedin

{{@408}}

Actions

Tree view

Add identity provider

Allows you to add a new Identity Provider. You must click the "Add Identity Provider" button, under the proper Entity Group and "Identity Provider" label; Soffid will then show a new window with the data to fill in to create the new Identity Provider.

Add virtual identity provider

Allows you to add a Virtual Identity Provider. You must click the "Add virtual identity provider" button, under the proper Identity Provider, which has to be a Soffid IdP; Soffid will then show a new window with the data to fill in to create the new Virtual Identity Provider.

List view

&&TODO&& deletes everything from the hamburger icon, or by selecting in the list, but in reality nothing is being deleted.

Add identity provider

Allows you to add a new Identity Provider. You must click the "Add Identity Provider" button (+), under the proper Entity Group and "Identity Provider" label; Soffid will then show a new window with the data to fill in to create the new Identity Provider.

Delete Identity Providers

Allows you to delete one or more plugins or addons. You must select one or more records from the list and click the button with the subtraction symbol (-).

Soffid will ask you for confirmation before performing that action; you can confirm or cancel the operation.

Delete

Allows you to restart the console to apply addon changes. That operation will be mandatory when you load an addon.

Identity Provider detail

Save

Allows you to save or update the Identity Provider.

Apply changes

Allows you to save or update the Identity Provider and quit.

Delete

Allows you to delete the Identity Provider. To delete the Identity Provider, you can click on the hamburger icon and then click the delete button (trash icon).

Soffid will ask you for confirmation before performing that action; you can confirm or cancel the operation.

Undo

Allows you to quit without applying any changes.

 


https://en.wikipedia.org/wiki/Federated_identity

https://en.wikipedia.org/wiki/Identity_provider