Integration of federated AD

seemarani · February 14, 2022, 3:48am

Hi Team,

In our project we’ve client AD which is integrated with IdentityNow. This Client AD is integrated with one of their customer AD through ADFS to get access to some application. How we can integrate the customer AD with IdentityNow. Any inputs.

seemarani · February 15, 2022, 4:59am

Thanks for the details. Our main UseCase is the AD accounts exists in client domain should get one of the cloud application access, which exists in our vendor side. The provisioning and access for the cloud application exists in vendor AD side should be managed by IdentityNow. The SAML part is only talking about authentication. Please guide me, if my understanding is wrong.

yannick_beot · February 15, 2022, 7:07am

Hi,
There are several solutions:

"With a VA":Integrate the vendor AD as a new source in IdentityNow. This means a VA in place that can aggregate accounts from this new “Vendor AD”. Probably not what you wish
"With claims": Propagate permissions in the SAML token. This means for instance that in “Client AD”, you have “group 1”, and that the group 1 is part of the group claims in the SAML token.
The vendor AD has then to read the group claims to grant access to their applications
"With a CSV": If the vendor is not able to interpret the claims in the token, I think a plain old CSV file exchange is in order

I do not see any other magical solution.

Topic		Replies	Views
Azure AD as identity provider ISC Discussion and Questions	4	1630	July 19, 2023
Two authentication to sign in IdentityNow ISC Discussion and Questions	1	672	July 19, 2023
Integrating salesforce application with IdentityNow ISC Discussion and Questions identity-security-cloud	2	344	July 21, 2023
SAP Ariba Integration ISC Discussion and Questions identity-security-cloud	1	525	July 19, 2023
Best Practises for handling group based applications ISC Discussion and Questions	4	1665	August 1, 2023

Integration of federated AD

Related Topics