What Is an Identity Provider (IdP)
An Identity Provider (IdP) is a service that creates, maintains, and manages users' digital identities. It also provides authentication services to third-party service providers. For example, users can use their Google account credentials to log in to UniFi Identity Enterprise. An IdP is hosted on the cloud and saves users the hassle of memorizing different sets of credentials.
Why Should You Use an IdP
It is common for employees nowadays to need to create different accounts on different platforms for work purposes. Managing employees with multiple accounts can, however, be a big challenge for IT admins.
An IdP delivers benefits to make IT admins' jobs easier, simplifying account management while enhancing account security.
What Does UniFi Identity Enterprise IdP support
IdP supports Google and Microsoft IdPs by default. It also supports configuring SAML SSO for other IdPs.
IdP Routing Rule
Admins can configure routing rules to direct users to specific IdPs based on their login environments, such as IP addresses, email accounts, and applications permitted to access. Once configured, users can log in to UniFi Identity Enterprise via the specified IdPs.
Integrated with Sign-on Policies
Admins can configure a sign-on policy and rule for a specific user to determine whether MFA is required for UniFi Identity Enterprise login and specify the session lifetime when UniFi Identity Enterprise is logged in from different devices.
What are the Benefits of an IdP
Having multiple accounts also means higher security risks. Employees may accidentally use their personal computers to log in to corporate resources and may reuse the same password across all accounts. These may give hackers easy access to employees' accounts and put your corporate data at risk. Thanks to UniFi Identity Enterprise IdP, user credentials are securely stored and the risks of impersonation attacks are significantly reduced.
IdP simplifies employees' onboarding and offboarding process. Admins no longer need to manually add new employees to all relevant platforms or remove them when they leave the company. They only need to manage the user list of the IdP server, and then user information will be automatically synced across platforms.
UniFi Identity Enterprise IdP supports proxy authentication, allowing users to log in to their UniFi Identity Enterprise using SSO or their existing IdP credentials. This enables quick login and eliminates password fatigue.
Save the hassle of manually creating and managing accounts in bulk for different platforms. All you need to do is configure a UniFi Identity Enterprise IdP and users can log in to UniFi Identity Enterprise using their existing IdP credentials. UniFi Identity Enterprise IdP greatly reduces IT admins' workloads and allows them to become more productive.
Refer to Identity Providers for more details.