Print this page
In this topic
An identity provider configuration defines a method that the application uses to authenticate a user. In the application, the configuration includes the authenticator, and, if needed, a second authentication method and additional configuration information. On the Identity Provider Settings page, the application system administrators can add, edit, and delete identity provider configurations, and assign the configurations to organizations.
You can also assign identity provider configurations to individual users. For instructions, see Add users.
For information about supported identity providers, see the following documents, which are available on download.nuix.com.
●Configure ADFS with Ringtail for SSO.
●Configure Okta with RIngtail for SSO.
Ringtail has its own authentication, called Ringtail authentication. The application can also authenticate using Windows Active Directory (AD). Third-party identity providers can also provide user authentication for application users who are not in AD and do not use Ringtail authentication. The user account and single sign-on login is managed through the identity provider.
Two-factor authentication (2FA) can also be added to a configuration. 2FA requires additional information to log in to the application and provides an extra layer of security for application users. Within a portal, you can enable an identity provider configuration with a separate 2FA provider and assign the configuration to different users.
Note: The application supports specific identity provider and two-factor provider options. For more information, contact Nuix Support.
When no identity provider configurations exist, the application checks the portal web configuration and determines if Ringtail authentication or AD authentication is in use. The application creates the corresponding identity provider configuration and assigns it as the portal default identity provider configuration. The application then assigns existing users in the portal to the default configuration.
Use the following procedure to view a summary of identity provider configurations in your portal.
1.On the Portal Home page, under Portal Management, click User Administration.
2.In the navigation pane, click Identity Provider Settings.
The page lists each Configuration name, identity Provider name, Two-factor provider name (if two-factor authentication is configured), and the Default indicator, which appears for the default configuration.
On the Identity Provider Settings page, system administrators can add new configurations.
Use the following procedure to add a new configuration.
1.On the Portal Home page, under Portal Management, click User Administration.
2.In the navigation pane, click Identity Provider Settings.
3.Click Add.
In the In the Add Identity Provider dialog box, do the following:
a.In the Configuration name box, type a name.
b.In the Provider name list, select a provider. Depending on your installation, you could see Ringtail, Active Directory, or third-party identity providers listed.
c.Optionally, in the Two-factor provider name list, select a provider name.
d.Optionally, use the Configuration box to store configuration information that may be required by the identity provider, such as license keys. The value in this box should be in JavaScript Object Notation (JSON) format.
e.To replace the current default with this new configuration, select Set as default identity provider. Only one identity provider configuration can be the default for a portal.
4.Click Save.
After you set up identity provider configurations, you can edit or delete the configurations.
Use the following procedure to view and edit identity provider configurations.
●To access and edit the Properties page for a configuration, on the Portal Management > User Administration > Identity Provider Settings page, click a name in the Configuration name column.
All information on the Properties page can be edited.
Use the following procedure to delete an identity provider configuration.
●On the Portal Management > User Administration > Identity Provider Settings page, select the check boxes next to the identity provider configurations you want to delete, and then click Delete.
Note: You cannot delete the default configuration.
When a user is assigned to an organization, the user can be assigned to that organization’s identity provider configurations.
Use the following procedure to manage organizational access to an identity provider configuration:
●To allow an organization to access an identity provider configuration, on the Portal Management > User Administration > Identity Provider Settings > Organizations page, select Allow in the row for the organization.
To disable access to the configuration, select Deny.
Note: For portal administrators, when organization security is enabled, the list of available items depends on membership in a provider or client organization. To understand how organizations are managed in the application, see Organizations. For a summary of how organization security affects portal access for each Ringtail user category, see Portal security table.