Corporate Identity Provider (IdP) Integration
Author: Fluent Commerce
Changed on: 8 Oct 2024
Overview
If a company has an internal IdP, that IdP can be integrated with our SSO vendor and used for future user authentication.
The API user is always managed in the SSO vendor environment and does not have an MFA option.
Key points
- For SSO to work, you need to establish a connection between your Corporate IdP and our vendor IdP. Once the relationship is established, your password policies and MFA configuration are used during user authentication in Fluent.
Configurations
The main steps are:
- Register the application with the IdP.
- Get the client ID and client secret.
- Add the identity provider in PingOne.
Follow one of the guides below as an example. Both OpenID Connect (OIDC) and SAML protocols are supported.
- How to configure Azure AD connection via SAML
- How to configure Azure AD connection via OIDC
- How to configure Okta connection via SAML
- How to configure JumpCloud via SAML
Once the steps are completed, your users need to be created in the Fluent application. Use the same username that each of your company users currently has. If a username differs between your IdP and the Fluent system, that user won’t be able to authenticate successfully.
You can now manage your users internally and enable them, disable them or change their passwords at any time. If a user is disabled in your IdP, that user can no longer authenticate into Fluent applications.
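A pre-cutover check for the username requirement and the disable behaviour described above, as an added example that is not part of the Fluent documentation. It compares IdP accounts with Fluent usernames and reports exact matches, accounts disabled in the IdP, near-misses that differ only by case, whitespace or Unicode form, and users missing on either side. The sample data, the input shapes and the strict exact-match rule are assumptions, because the page does not say how usernames are compared.

```python
import unicodedata

# Constructed sample data (not real accounts). Input shapes are assumptions:
# IdP export as (username, enabled) pairs, Fluent export as a list of usernames.
IDP_USERS = [
    ("alice@example.com", True),
    ("Bob@example.com", True),
    ("carol@example.com", False),
    ("dave@example.com", True),
]
FLUENT_USERS = [
    "alice@example.com",
    "bob@example.com",      # differs from the IdP value by case only
    "carol@example.com",    # exists, but disabled in the IdP
    "erin@example.com",     # no IdP account at all
    "dave@example.com ",    # trailing space from a copy/paste
]


def fold(name):
    """Loose key used only to spot near-misses, never to declare a match."""
    return unicodedata.normalize("NFKC", name).strip().casefold()


def reconcile(idp_users, fluent_users):
    """Classify each Fluent username against the IdP export.

    Assumption: only a byte-for-byte identical username counts as a match;
    anything looser is reported for manual review rather than accepted.
    """
    enabled = dict(idp_users)  # username -> enabled flag
    by_fold = {}
    for name in enabled:
        by_fold.setdefault(fold(name), []).append(name)

    report = {"ok": [], "disabled_in_idp": [], "near_miss": [], "missing_in_idp": []}
    for name in fluent_users:
        if name in enabled:
            report["ok" if enabled[name] else "disabled_in_idp"].append(name)
        elif fold(name) in by_fold:
            report["near_miss"].append((name, by_fold[fold(name)]))
        else:
            report["missing_in_idp"].append(name)

    # Enabled IdP accounts with no identical Fluent username.
    fluent_set = set(fluent_users)
    report["missing_in_fluent"] = sorted(
        n for n, on in enabled.items() if on and n not in fluent_set)
    return report
```

Entries under `near_miss` and `missing_in_idp` are the ones to fix before switching users to SSO; `disabled_in_idp` lists Fluent users who will be locked out by design.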