Documentation | Identity Provider Proxy

--
banner-why-cirrus-pages.png
Cirrus+Identity+Dark+Blue+Banner.png

Overview

For many organizations, the Cirrus Identity Provider Proxy becomes a central integration point. One side is a single identity provider endpoint that integrates with applications supporting enterprise SSO integration.

  • Users can choose from enterprise identities, custom identities, social login, or federated partner identities (on left) when access enterprise applications (on the right).

  • The Identity provider proxy is metadata aware (InCommon, eduGAIN, custom metadata).

  • Fully integrated with other Cirrus Identity Solutions, including Account Linking.

  • Leverages the configurable Cirrus Identity Discovery Service.

  • Advanced attribute assertion capabilities for all proxy transactions or based on Service Provider requirements.

  • Advanced attribute assertion capabilities for all proxy transactions or based on Service Provider requirements

  • Can translate protocols from IdP (SAML) to Service Providers (CAS)
infographic-identity-provider.png

Common Uses

Single IdP Endpoint

Provide multiple login options (enterprise, federated, and social) with applications that only support bilateral SAML integrations

Assert Linked Attributes

Integrate with the Cirrus Account Linking service to enable assertion of enterprise identifiers when a user logs on with an external identity (social login or our hosted External Identity service)

Custom Attributes

Define custom attribute release policies per service

Protocol Translation

Present CAS assertions when a user logs in with a SAML identity provider