Versions Compared

Old Version 2

changes.mady.by.user Ann Base (Deactivated)

Saved on

compared with

New Version 3

changes.mady.by.user Karolin Hemmingsson (Unlicensed)

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: updated to Smart ID names

This article describes how to add a channel for identity orchestration in Smart ID Digital Access component (Hybrid Access Gateway) and select and configure a plugin that is able to communicate with the desired service. That channel is used when you make an access rule requiring identity orchestration. When you add this access rule to a web resource, orchestration will be enabled.

Note

Make sure that the web resource uses the same SSO domain as the channel in the access rule.


Prerequisites

Expand
titlePrerequisites
  • An SSO domain must be available where the orchestrated identity will be stored.

Step-by-step instruction

Expand
titleLog in to Hybrid Digital Access Gateway administration interfaceAdmin
  1. Log in to the Hybrid Access Gateway administration interface with your admin userDigital Access Admin with an administrator account.


Expand
titleSelect plugin

You need a plugin that is able to communicate with the desired service. Default delivered services are a Google Apps, MediaWiki and an SCIM plugin. If another type of service is needed this can be accomplished by writing a new plugin.

  1. In the Hybrid Access Gateway administration interfaceDigital Access Admin, go to Manage System.
  2. Click Identity Orchestration and select the Plugins tab to see what plugins that are available and to upload new plugins.
  3. If you upload a plugin, click Save to update the settings.


Expand
titleAdd identity orchestration channel
  1. In the Hybrid Access Gateway administration interfaceDigital Access Admin, go to Manage System.
  2. Click Identity Orchestration and select the Channels tab.
  3. Click Add Identity Orchestration channel...
  4. Enter a Display Name.
  5. Select the Plug-in to be used.
  6. Select an SSO Domain. When user have been orchestrated, the orchestrated identity is stored in this SSO domain.
  7. Click Next.
  8. Enter configuration parameters for the channel, for help click the ?-sign.


Related information