Configuring Multiple Identity Providers for a Single Domain

You can configure to use multiple identity providers (IdPs) to provide Single Sign-On (SSO) access to the users. If multiple IdPs are enabled for an environment, the Sign In page allows users to choose the IdP to perform SSO.

To configure an IdP, refer to this Microsoft Entra ID setup example:

Activate and Enable the IdPs

  1. Sign into IAM Interface as an Identity Domain Administrator. See Accessing the IAM Interface.
  2. Navigate to the Federation tab. The Identity Providers in the domain are listed.
    Listed identity providers

  3. Select the identity provider that you wish to activate. Click the Ellipses menu (three dots) for the IdP that you want to activate and select Activate IdP.
  4. To confirm the activation, click Activate IdP.

Assign IdP Rule to Multiple IdPs

  1. Scroll-down to Identity Provider policies.
  2. Click the name of the IdP policy to assign an IdP rule.
    Select policy

  3. Navigate to Identity provider rules tab.
    Identity provider rules

  4. Click Ellipses ... next to the IdP policy rule, and then and select Edit IdP rule from the menu.
    Edit default IdP rule
  5. On Edit Identity Provider rule page, use the Assign identity providers menu to assign IdP to this rule.
  6. When you are finished, click Save changes.
  7. Assign application to this policy. Navigate to Applications tab.
  8. Click Add app.
    Assign applications to policy

  9. On the Add app page:
    1. Search and select the apps to assign to this IdP policy.
    2. Click Add App.
    You can now SSO to these environments using any of the configured IdPs.