Account linking can happen in several different ways, depending on customer requirements. The common element is that the digital identity the user chooses, such as Google, Microsoft, or LinkedIn, is connected to data provided by the organization.
Cirrus Identity stores a table of mapped attributes for users.
When users log in to enterprise apps (on the right), the Cirrus Proxy queries the account linking source and asserts the appropriate organizational attributes.
Users can be linked to organizational data as part of the authentication process (SAML or JWT).
Users can be asked questions to verify their identity and if successful, data is linked.
Users can receive an email request and, as part of claiming the request, the data is linked.
Cirrus Identity account linking white paper is available upon request.