Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Added links.

This article describes how to add a channel for identity orchestration in Smart ID Digital Access component (Hybrid Access Gateway) and select and configure a plugin that is able to communicate with the desired service. That channel is used when you make an access rule requiring identity orchestration. When you add this access rule to a web resource, orchestration will be enabled.

Note

Make sure that the web resource uses the same SSO domain as the channel in the access rule.


Prerequisites

Expand
titlePrerequisites
  • An SSO domain must be available where the orchestrated identity will be stored.

Step-by-step instruction

Expand
titleLog in to Hybrid Access Gateway administration interface
  1. Log in to the Hybrid Access Gateway administration interface with your admin user.


Expand
titleSelect plugin

You need a plugin that is able to communicate with the desired service. Default delivered services are a Google Apps, MediaWiki and an SCIM plugin. If another type of service is needed this can be accomplished by writing a new plugin.

  1. In the Hybrid Access Gateway administration interface, go to Manage System.
  2. Click Identity Orchestration and select the Plugins tab to see what plugins that are available and to upload new plugins.
  3. If you upload a plugin, click Save to update the settings.


Expand
titleAdd identity orchestration channel
  1. In the Hybrid Access Gateway administration interface, go to Manage System.
  2. Click Identity Orchestration and select the Channels tab.
  3. Click Add Identity Orchestration channel...
  4. Enter a Display Name.
  5. Select the Plug-in to be used.
  6. Select an SSO Domain. When user have been orchestrated, the orchestrated identity is stored in this SSO domain.
  7. Click Next.
  8. Enter configuration parameters for the channel, for help click the ?-sign.