An Identity Provider (IdP) is a system that authenticates a user on behalf of another system. A popular configuration is Active Directory being the IdP for HelloID. Other systems can be used as IdPs, such as G Suite or Azure.
By default, there are no IdPs configured for HelloID. In this case, users can only authenticate to HelloID as local user accounts that live within HelloID. By adding an IdP, such as Active Directory, users will be able to log into HelloID with credentials from that system.
Add an Identity Provider
- To show the configured Identity Providers, navigate to Security -> Authentication -> Identity Providers.
- To add an Identity Provider click Create Provider.
- This will bring up the Identity Provider Catalog. From here, you add the IdP that best suits your organization's needs.
Specific instructions on each IdP are outside the scope of this article, but you may learn more about your chosen IdP by going to this section.
Control Access with Portal Access Rules
No matter which IdP you choose, you can control how it is offered to users and how it displays for them by setting up a portal access rule. These rules allow you to allow or block access to your HelloID portal based on a number of criteria. In the context of an IdP, however, you may want to hide or show an IdP based on the network or physical location of the end user. For example, you may want to hide an IdP option from users who access your portal from outside of your organization's network. You can learn more about portal access rules here.