Integrations
You can integrate Identity Providers with Identity as a Service to allow authentication with either IDaaS or the Identity Provider. When integrated, IDaaS acts as a SAML or OIDC client to connect to the Identity Provider. For example, you configure Application XYZ as the Identity Provider and integrate it with IDaaS. When you log in to IDaaS, you have the option to log in using IDaaS authentication or log in to Application XYZ using your Application XYZ credentials.
OIDC Identity Providers
Before you begin, you need to obtain the following from your OIDC Identity Provider:
- Client ID
- Client Secret
- Issuer URL
Additionally, you need the following values. You may be able to fetch these values from the Identity Provider once you have entered the Issuer URL:
- Authorization Endpoint
- Token Endpoint
- User Info Endpoint
- Revocation Endpoint
- JWKS URI
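The fetch-from-Issuer-URL step above relies on OpenID Connect Discovery. The following is an added example, not part of the original documentation or of IDaaS: it checks a discovery document before its values are trusted. The host `idp.example.com`, the sample metadata, the function names, and the mapping from metadata keys to the field labels above are assumptions made for illustration.

```python
import json
from urllib.parse import urlsplit

# Discovery metadata key -> field label from the list above (assumed mapping).
FIELDS = {
    "authorization_endpoint": "Authorization Endpoint",
    "token_endpoint": "Token Endpoint",
    "userinfo_endpoint": "User Info Endpoint",
    "revocation_endpoint": "Revocation Endpoint",
    "jwks_uri": "JWKS URI",
}

def discovery_url(issuer_url):
    """Well-known metadata location defined by OpenID Connect Discovery 1.0."""
    return issuer_url.rstrip("/") + "/.well-known/openid-configuration"

def extract_idp_settings(issuer_url, metadata_json):
    """Return (settings, problems) for an already fetched discovery document."""
    meta = json.loads(metadata_json)
    problems = []
    # The issuer in the document must be identical to the Issuer URL entered;
    # otherwise the metadata describes a different provider.
    if meta.get("issuer") != issuer_url:
        problems.append("issuer mismatch: %r" % meta.get("issuer"))
    settings = {}
    for key, label in FIELDS.items():
        value = meta.get(key)
        if not value:  # optional metadata, so it may be absent
            problems.append("missing %s: enter it manually" % label)
            continue
        parts = urlsplit(value)
        if parts.scheme != "https" or not parts.hostname:
            problems.append("%s is not an https URL: %s" % (label, value))
            continue
        settings[label] = value
    return settings, problems

# Constructed sample metadata for a hypothetical provider; not real output.
SAMPLE_ISSUER = "https://idp.example.com/tenant1"
SAMPLE_METADATA = json.dumps({
    "issuer": "https://idp.example.com/tenant1",
    "authorization_endpoint": "https://idp.example.com/tenant1/authorize",
    "token_endpoint": "https://idp.example.com/tenant1/token",
    "userinfo_endpoint": "http://idp.example.com/tenant1/userinfo",
    "jwks_uri": "https://idp.example.com/tenant1/keys",
})

if __name__ == "__main__":
    print(extract_idp_settings(SAMPLE_ISSUER, SAMPLE_METADATA))
```

With the constructed sample, the plain-http User Info Endpoint and the absent Revocation Endpoint are reported as problems instead of being accepted.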
SAML Identity Providers
Before you begin, you need to obtain the following from your SAML Identity Provider:
- SP Entity ID
- SSO endpoint
- Identity Provider verification certificate (one or two)
- Optional values:
  - Issuer, for example the Entity ID of the Identity Provider.
  - Assertion Consumer Service URL if you are using a proxy server.
To integrate a generic SAML or OIDC Identity Provider, see Manage Identity Providers.
Topics in this section
Other IDaaS accounts
You can configure IDaaS as an Identity Provider to be used with other IDaaS accounts. When configured, users log into IDaaS as an IDP and are then redirected to another IDaaS account. You might want to do this in some of the following situations:
Facebook
Using the provided template, you can integrate your Identity Provider to use the information from your users' Facebook account to log in to your protected applications. Once integrated, users can use IDaaS or their Facebook credentials to log in to your application.
Google
Using the provided template, you can integrate Google as an Identity Provider. When integrated, a user's Google account credentials and profile data can be used for single sign-on to your applications protected by IDaaS.
Identity Verification as a Service
Identity Verification as a Service (IDVaaS) allows remote verification of an individual’s claimed identity for immigration, border management, or digital services delivery. When integrated with Identity as a Service, IDaaS acts as an OIDC client to connect to Identity Verification as a Service, allowing users to use IDVaaS to verify their identity, to use their identity for authentication, or both. This integration guide discusses how to set up IDaaS for IDVaaS identity verification, authentication, or both.
Microsoft Entra ID
Microsoft Entra ID is Microsoft’s cloud-based identity and access management service. You can integrate Microsoft Entra ID with IDaaS. When integrated, your users can log in using IDaaS authentication or log in using their Microsoft Entra ID credentials.
Nets E-Ident IDP Broker
Nets E-Ident is an identification broker service. You can integrate Nets E-Ident with IDaaS. When integrated, your users can log in using IDaaS authentication or log in using their Nets E-Ident credentials. For more information about Nets E-Ident Identity Provider, see https://www.nets.eu/developer/E-Ident/getstarted/Pages/default.aspx.
Twitter
Using the provided template, you can integrate Twitter as an Identity Provider. When integrated, a user's Twitter account credentials and profile data can be used for single sign-on to your applications protected by IDaaS.