How do I use an external IdP for user authentication?
  • 22 Sep 2023

Configuring a Different Identity Provider for User Authentication

RapidIdentity Authentication provides a "Federation" Authentication Method that supports the use of external Identity Providers during the authentication process. It is configured on an Authentication Policy for all or specific users based on roles and attributes.

When a user attempts to log in with a userid that resolves to an authentication policy using the "Federation" Authentication Method, RapidIdentity automatically forwards their login request to a Trusted Identity Provider that will authenticate the user.

To avoid having the user enter their userid both on the RapidIdentity login page and on the Trusted Identity Provider's login page (such as Azure), RapidIdentity includes the userid provided on the RapidIdentity login form as a URL parameter in the form ?name=LDAP_Attribute, where name is a simple string and LDAP_Attribute is the value of the specified LDAP parameter for that user.

Configure the Trusted Identity Provider

image21


Configure the Trusted Identity Provider SAML Assertions

image22


Configure the Trusted Identity Provider Login URL Query Parameters

image.png

Note:

The "Name" setting is a simple string that specifies the label of the parameter, and LDAP_Attribute is the value of the specified LDAP parameter for that user.

?login_hint=someone@somewhere.com
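
To check what the Trusted Identity Provider should receive, the sketch below builds a login URL from a Name/LDAP attribute mapping. It is an added illustration, not RapidIdentity code: the IdP URL, the `mail` attribute, the sample users and the function name are assumptions. The value is percent-encoded so that a userid containing `&` or `=` stays inside the one hint parameter.

```python
from urllib.parse import parse_qsl, urlencode, urlsplit, urlunsplit


def build_idp_login_url(idp_login_url, param_map, user_attrs):
    """Append each configured Name -> LDAP attribute pair to the IdP login URL.

    param_map  : {"Name": "LDAP attribute"}, e.g. {"login_hint": "mail"}
    user_attrs : LDAP attributes of the user who typed the userid
    (hypothetical helper, written for this illustration)
    """
    parts = urlsplit(idp_login_url)
    if parts.scheme != "https":
        # The hint carries a user identifier; do not send it in clear text.
        raise ValueError("IdP login URL must use https")

    # Keep any parameters the login URL already has (tenant, realm, ...).
    query = parse_qsl(parts.query, keep_blank_values=True)
    existing = {key for key, _ in query}

    for name, ldap_attr in param_map.items():
        value = user_attrs.get(ldap_attr)
        if not value:
            continue  # no value for this user: send no hint at all
        if name in existing:
            raise ValueError(f"{name!r} is already set on the login URL")
        query.append((name, value))

    # urlencode() percent-encodes names and values ('@' becomes %40,
    # '&' becomes %26), so the value cannot add parameters of its own.
    return urlunsplit(parts._replace(query=urlencode(query)))


def hint_seen_by_idp(url, name):
    """Decode the URL the way the receiving IdP would and return the hint."""
    values = [v for k, v in parse_qsl(urlsplit(url).query) if k == name]
    return values[0] if len(values) == 1 else None


if __name__ == "__main__":
    # Constructed sample data.
    url = build_idp_login_url(
        "https://idp.example.com/login?tenant=abc",
        {"login_hint": "mail"},
        {"mail": "someone@somewhere.com"},
    )
    print(url)
    print(hint_seen_by_idp(url, "login_hint"))
```

The encoded form `login_hint=someone%40somewhere.com` and the unencoded form shown above decode to the same value at the Identity Provider.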

Configure the Trusted Identity Provider on an appropriate Authentication Policy

trusted_idp.png

