You can configure additional identity provider connections as needed to support different identity management scenarios, including additional built-in identity providers and third-party identity providers.

You can create three types of identity provider connections using Directories Management.

  • Create Third-Party IDP - Use this item to create a connection to an external third-party identity provider. Ensure that you have the following before adding a third-party identity provider instance.

    • Verify that the third-party instances are SAML 2.0 compliant and that the service can reach the third-party instance.

    • Obtain the appropriate third-party metadata information to add when you configure the identity provider in the administration console. The metadata information you obtain from the third-party instance is either the URL to the metadata or the actual metadata.

  • Create Workspace IDP - When you enable a connector to authenticate users during Directories Management configuration, a Workspace IDP is created as the identity provider and password authentication is enabled. You can configure additional workspace identity providers behind different load balancers.

  • Create Built-in IDP - Built-in identity providers use the internal Directories Management mechanisms to support authentication. You can configure built-in identity providers to use authentication methods that do not require the use of an on-premises connector. When you configure the built-in provider, you associate the authentication methods to use with the provider.