IMPORTANT: This documentation has been discontinued. Read the updated Identity provider integration documentation on our new documentation portal.
What is an identity provider?
An identity provider (IdP) is a service that manages and stores digital identities. Organizations use these services to enable their users (typically their employees) to connect to digital resources. They provide a centralized way to manage access, add or remove permissions, and offer high security.
Examples of identity providers:
Active Directory (AD)
Azure AD Native
Which Identity Provider Integration protocol does Digibee support?
Digibee supports SAML V2. If this protocol is not supported by your provider, please contact us so we can perform a case study.
Note: In addition to SAML V2 support, your identity provider must support sending an email address to be used as the user's ID.
In order to provide the best security experience, Digibee has developed a solution called integrated authentication. With integrated authentication, you centralize the authentication process, allowing employees to be included, archived and edited through your identity provider platform.
The Platform's native login (by username and password) will continue to work normally. However, if you prefer, native login can be disabled after validating the entire environment.
User Authorization (Access Control)
The IdP platform is responsible for authenticating users, that is, validating their identification. The Digibee Platform is responsible for the authorization process, that is, which platform features each user (already authenticated) can access. If you want to learn more about the Platform’s authorization process, read the articles about New Access Control.
Steps for Identity Provider integration
To start integrating your identity provider with the Digibee Platform, please contact the support team or your CSM.
Below, we present the necessary steps and information:
Installation and configuration of the IdP with the Digibee Platform;
Submission of installation information
Configuration of accesses on the Digibee Platform
Step 1: Submission of installation information
The first step is to exchange sensitive information between client and Digibee about endpoint keys and certificates to configure the integration.
The SAML V2 integration with the Digibee Platform is performed over public addresses, which are used as contact endpoints.
Digibee will create an endpoint to connect to the client's IdP. Digibee's address is composed as follows:
Requirements for the installation
Digibee requires the SAML V2 endpoints key from your identity provider.
You can email us either an XML file with the content or a URL that serves it.
This is a sample URL that should be sent:
Step 2: Configuring the accesses on the Digibee platform
After integrating the IdP with the Digibee Platform, the user with Access Manager permission can configure or add groups and roles to allow users to access the Digibee Platform's features.
In addition, realms integrated with an IdP can integrate IdP groups with Digibee groups. To learn more about the new management model, read the articles about the New Access Control.
Note: This feature is still in the beta program. To use it, ask the support team.