See the topics given below to manage authentication for your applications.
# Design the login flow
When you register an application, you can customize the login flow.
Add other enterprise identity providers as login options.
Configure the number of factors (2FA or MFA) in the login flow to enforce multi-factor authentication.
Enforce conditional authentication to dynamically change the login flow of a user based on the user’s devices, networks, locations, or usage contexts.
# Manage user attributes
Manage the user attributes you want to share with your application:
# Manage connections
You can define connections to external identity providers (IdPs) and use them to authenticate users who log in to your applications. This process of authenticating users with external IdPs is known as identity federation.
The external identity provider (IdP) authenticates users and issues the identification information by using security tokens like SAML 2.0, OpenID Connect, OAuth 2.0, and WS-Trust.
# Benefits of identity federation
There are several benefits of using identity federation:
Allows users to sign in with a user account registered with a trusted IdP without having to manually create accounts for them in Asgardeo.
If the IdP is configured to use JIT user provisioning, signing in with an external IdP will automatically create a local account for the user in Asgardeo.
Give users the convenience of choosing their existing, trusted IdP when they sign in or sign up to your organization in Asgardeo.
# Supported external IdPs
Asgardeo supports a variety of external identity providers with various open-standard protocols (such as OAuth2.0, OpenID Connect, and SAML).
You can configure any number of external connections for your application via Asgardeo.
# Add groups to connections
To add groups to a connection on Asgardeo:
- On the Asgardeo Console, go to Connections.
- Select your connection and go to the Groups tab.
Note that the Groups tab is only available for enterprise and social login connections.
- Enter the name of the connection's group attribute you wish to map to the group attribute of Asgardeo.
- Click Update.
- Click + New Group and enter the group name. Ensure that the name matches the configuration in the federated connection.
- Click Finish to add the group information.