Implementation Report
This report summarizes how soffidSoffid has been implemented for this project.
Agents
These agents have been defined in Main Menu > Administration > Configuration > Integration engine > Agents
:
1. IdP Agent
This agent has been created for the identity providerprovider, for managing and authenticating the identities of users. This agentIt would be linked to the identity provider through its Public ID.
2. Source AD Agent
This agent has been created to connect the Soffid console with the Active Directory, so we can carry out the authoritative load, to retrieve identities, and the reconciliation process, to request the accounts and ensure that all users are aligned with their respective roles and responsibilities.
Identity & Service providers
Only one Entity Group has been defined (Postbank) in Main Menu > Administration > Configuration > Web SSO > Identity & Service providers
. The providers defined within this group are:
1. Identity Providers
The identity provider soffid.postbank.lpb.co.ls uses Soffid IdP for identity authentication. Additionally, adaptiveAdaptive authentication is configured, so if the name of the service provider requesting authentication begins with "Tacacs," two-factor authentication (2FA) will be required, as shown below.
Otherwise multi-factor authentication (MFA) will be required.
2. Service Providers
Eight out of ten service providersproviders, havewhich beengrant definedaccess to access firewalls, routers,routers switches,and etc.other Thesesystems, serviceare providers beginprefixed with "Tacacs" in the name,, thus 2FA will be required. For the remaining two service providers, which allowsallow usersaccess to access proxies and other systems, MFA will be required.enforced. These service providers allowsenable users to connect to differentvarious systems directly, without startinginitiating the connection through Soffid.Soffid, while still ensuring identity authentication.