- Getting started
- Best practices
- Tenant
- Actions
- Folders Context
- Automations
- Processes
- Jobs
- Triggers
- Logs
- Monitoring
- Queues
- Assets
- Storage Buckets
- Test Suite - Orchestrator
- Action Catalogs
- Profile
- System Administrator
- Identity Server
- About Identity Server
- Identity Management Portal
- Field Descriptions for External Providers Page
- Installation Access Token
- Authentication
- Other Configurations
- Integrations
- Classic Robots
- Troubleshooting
Field Descriptions for External Providers Page
This page is only accessible within the Identity Management Portal, while logged in at host level with a user with the System Administrator role.
|
Field |
Descriptions |
|---|---|
|
Enabled |
When selected, it enables Google OpenID Connect authentication. By default, this check box is not selected. |
|
Display Name |
The name displayed in the Login page for the Google OpenID Connect authentication. |
|
Client ID |
A Google API code required for Google OpenID Connect authentication. This cannot work without the Client Secret. |
|
Client Secret |
A Google API code required for Google OpenID Connect authentication. This cannot work without the Client ID. |
|
Save |
Saves the changes you made to the Google OpenID Connect authentication. |
Read this page for more information about Google OpenID Connect authentication settings.
|
Field |
Descriptions |
|---|---|
|
Enabled |
When selected, it enables Windows authentication. By default, this check box is not selected. |
|
Force automatic login using this provider |
When selected, it enables Windows automatic login. The value of this parameter is set during the installation or upgrade process. |
|
Display Name |
The name displayed in the Login page for the Windows authentication. |
|
Save |
Saves the changes you made to the Windows authentication. |
Read this page for more information about Windows authentication settings.
|
Field |
Descriptions |
|---|---|
|
Enabled |
When selected, it enables Azure Active Directory authentication. By default, this check box is not selected. |
|
Display Name |
The name displayed in the Login page for the Azure Active Directory authentication. |
|
Client ID |
The Application Id associated with the registered Orchestrator in an Azure Active Directory. |
|
Client Secret |
The Client Secret obtained by registering Orchestrator in an Azure Active Directory. This cannot work without the Client ID. |
|
Authority |
The Authority is a URL that indicates a directory from which you can request tokens. It is composed of the identity provider instance and sign-in audience for the app, and possibly the Azure AD tenant ID. You can use one of the following common authorities:
|
|
Logout URL |
The Logout URL obtained by registering Orchestrator in an Azure Active Directory. This is the URL where the external identity provider listens for incoming logout requests and responses. |
|
Save |
Saves the changes you made to the Azure Active Directory authentication. |
Read this page for more information about Azure Active Directory authentication settings.
|
Field |
Descriptions |
|---|---|
|
Enabled |
When selected, it enables you to authenticate using SAML 2.0. By default, this check box is not selected. |
|
Display Name |
The name displayed in the Login page for the SAML 2.0 authentication. |
|
Service Provider Entity ID |
The globally unique name for the SAML Service Provider. |
|
Identity Provider Entity ID |
The Entity Id associated with the registered Orchestrator in the External Identity Provider's own portal. |
|
Single Sign-On Service URL |
The single sign-on URL obtained by configuring Orchestrator in the External Identity Provider's portal. |
|
Allow unsolicited authentication response |
When selected, it enables Identity Server to deliver unsolicited authentication responses to the service provider. |
|
Return URL |
The URL to be used by the service provider to redirect you to Orchestrator after successfully authenticating in the Login page. |
|
External user mapping strategy |
The user mapping strategy to be used by the configured SAML identity provider. The following options are available:
ADFS, Google, and OKTA, they all use your email address as a SAML attribute. Read here more about custom mapping attributes. |
|
SAML binding type |
The transport mechanism to be used by the messages exchanged with the configured SAML identity provider. The following options are available:
|
|
Signing Certificate > Store name |
The Signing Certificate is used by the external identity provider to sign its messages. The fields in this section enable you to configure the use of private key certificates. The Store name field points to the certificate store to search for the certificate. The following options are available:
|
|
Signing Certificate > Store location |
The location of the store to search for the certificate. The following options are available:
|
|
Signing Certificate > Thumbprint |
The thumbprint value provided in the Windows certificate store, with all the spaces between the characters removed. Details here. |
|
Service Certificate > Store name |
The Service Certificate specifies the certificate that the service provider uses for encrypted assertions. The Store name field points to the certificate store to search for the certificate. The following options are available:
|
|
Service Certificate > Store location |
The location of the store to search for the certificate. The following options are available:
|
|
Service Certificate > Thumbprint |
The thumbprint value of the certificate, with all the spaces between the characters removed. Details here. |
|
Save |
Saves the changes you made to the SAML 2.0 authentication. |
