Skip to main content

Identity providers (addon federation)

Description

SoffidThis Identityscreen Federationallows addon helps administratorsyou to manage an Identity Federation. With Soffid you can managedefine the wholemost federationimportant securitycomponents configuration,of increasinga federation, which are none other than the securityidentity whileproviders. reducingAn identity provider is responsible for performing the federationappropriate managementauthentication costs.for Soffideach canservice alsoprovider actand asuser atype Service Provider, serving identitiesaccording to anytheir SAMLaccounts, capablepermissions, applicationauthorisations, server.and attributes.

The main supported standard is SAML. SAML allows to completely detach the identification process from web applications,  known as Service Providers. With SAML, identification is performed by specialized servers known as Identity Providers.  Additionaly, some other, less secure, but some times convenient protocols like OAuth (Open Authorization) and OpenID-Connect protocols are supported. Elder protocols like Openid (do not confuse with OpenID-Connect) are deprecated and no  longer supported.

Remember that after validating the user's login, the identity provider will send a set of attributes to the service provider that will have been previously defined in Soffid in the attribute definition page and shared attribute policy screens.

You can visit the Introduction page to find more information about the federation members.

Please note that this screen is available in the federation addon.

Screen overview

image.png

image.png

  • Metadata : where user attributes are defined

    • Standard attributes

    Entity Group

    group

    {{@389}}

    Identity Provider

    provider

    {{@390}}

    Virtual Identityidentity Provider

    provider

    {{@391}}

    Actions

    Federation Tree view

    tree

    Add group

    Allows you to create a new Entityentity group. You can choose that option by clicking on the "Add group" button,button in the tree, then Soffid will display a new window with the fields to fullfil.

    To add a new Entityentity group it will be mandatory to fill in the required fields and save or apply changes..

    Add identity provider

    Allows you to add a new Identityidentity Provider. You must click the "Add identity provider" button, under the proper Entityentity Group and "Identity Provider" label,group, then Soffid will display a new window with the data to fulfill for the new Identityidentity Provider.

    provider.

    To add a new Identityidentity provider it will be mandatory to fill in the required fields and save or apply changes..

    Add virtual identity provider

    Allows you to add a Virtualvirtual Identityidentity Provider.provider. You must click the "Add virtual identity provider" button, under the proper Identityidentity Provider,provider, which has to be a Soffid IdP, then Soffid will display a new window with the data to fulfill for the new Virtualvirtual identity provider.

    To add a new Virtualvirtual identity provider it will be mandatory to fill in the required fields and save or apply changes..

    Entity goupgroup

    List
    detail

    AddApply newchanges (disk button)

    YouAllows canyou addto save the data of a new Entityentity groupsgroup byor clickingto onupdate the adddata buttonof (+).a Thenspecific Soffidentity group. To save the data it will displaybe a new window and you needmandatory to fill in the required fields and save or apply changes.fields.

    Delete

    Allows you to remove onethe orentity moregroup. EntityYou groupcan find this option in the "three points" menu by selectingclicking one or more records and next clickingon the button"Delete" withbutton. the subtraction symbol (-).

    To perform that action, Soffid will ask you for confirmation, you could confirm or cancel the operation.

    Undo

    Allows you to quit without applying any changes.

    Apply changes

    Allows you to save the data of a new entity group or to update the data of a specific entity group. Once you apply changes, the plugin details page will be closed.
    Detail

    Identity provider detail

    Save

     

    Allows you to save the data of a new Entityidentity groupprovider or to update the data of a specific Entityidentity group.

    provider.

    To save the data it will be mandatory to fill in the required fields

    Apply changes

    Allows you to save the data of a new Entity group or to update the data of a specific Entity group and quit.

    To save the data it will be mandatory to fill in the required fields.

    Delete identity provider

    Allows you to delete the Entityidentity group.provider. To delete aan hostidentity provider you can click on the hamburger"three points" icon and then click the delete buttonbutton. (trash icon).

    Soffid will ask you for confirmation to perform that action, you could confirm or cancel the operation.

    Undo

    Allows you to quit without applying any changes made.

    Identity Provider

    List

    Add new

    You can add a new Identity provider by clicking on the add button (+). Then Soffid will display a new window and you need to fill in the required fields and save or apply changes.

     Delete

    Allows you to remove one or more Identity providers by selecting one or more records and next clicking the button with the subtraction symbol (-).

    To perform that action, Soffid will ask you for confirmation, you could confirm or cancel the operation.

    Detail
    Save

     

    Allows you to save the data of a new Identity provider or to update the data of a specific Identity provider.

    To save the data it will be mandatory to fill in the required fields

    Apply changes

    Allows you to save the data of a new Identityidentity provider or to update the data of a specific Identityidentity provider and quit. To save the data it will be mandatory to fill in the required fields.

    Virtual identity provider detail

    Save

    Allows you to save the data of a new virtual identity provider or to update the data of a specific virtual identity provider. To save the data it will be mandatory to fill in the required fields.

    Delete identity provider

    Allows you to delete the Identityvirtual identity provider. To delete a hostvirtual identity provider you can click on the hamburger"three points" icon and then click the delete buttonbutton. (trash icon).

    Soffid will ask you for confirmation to perform that action, you could confirm or cancel the operation.

    Undo

    Allows you to quit without applying any changes made.

    Virtyal Identity Provider

    List

    Add new

    You can add a new Virtual identity provider by clicking on the add button (+). Then Soffid will display a new window and you need to fill in the required fields and save or apply changes.

     Delete

    Allows you to remove one or more Virtual identity providers by selecting one or more records and next clicking the button with the subtraction symbol (-).

    To perform that action, Soffid will ask you for confirmation, you could confirm or cancel the operation.

    Detail
    Save

     

    Allows you to save the data of a new Virtual identity provider or to update the data of a specific Virtual identity provider.

    To save the data it will be mandatory to fill in the required fields

    Apply changes

    Allows you to save the data of a new Virtualvirtual identity provider or to update the data of a specific Virtualvirtual identity provider and quit.

    To save the data it will be mandatory to fill in the required fields.

    Delete

    Allows you to delete the Virtual identity provider. To delete a host you can click on the hamburger icon and then click the delete button (trash icon).

    Soffid will ask you for confirmation to perform that action, you could confirm or cancel the operation.

    Undo

    Allows you to quit without applying any changes made.


    https://en.wikipedia.org/wiki/Federated_identity

    https://en.wikipedia.org/wiki/Identity_provider

    Back to top