Web Login with External Identity Providers

Users have the option of linking ICONICS security to an external OpenID Connect or SAML 2.0 identity provider. Instead of using the ICONICS security log-in dialog, users are directed to a custom log-in page or the log-in page of a compatible identity provider. Users log in with their credentials for that provider, and ICONICS security then recognizes them as an ICONICS user and grants them the appropriate permissions.

For example, when properly configured, users could log in with an Okta account and be authenticated with ICONICS security. Okta would authenticate the user and pass an identity token to ICONICS security, which would match that token to an existing ICONICS user and log them in.
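
The token-matching step described above, sketched as an added example that is not ICONICS code: a relying party validates the identity token and only then maps it to an existing local user. The issuer URL, client ID, shared-secret HS256 signing, user table and use of the `email` claim as the match key are all assumptions; the page does not say how ICONICS security performs the match.

```python
import base64, hashlib, hmac, json, time

# Constructed sample values: issuer, client ID, secret and user table are hypothetical.
ISSUER = "https://idp.example.test"
CLIENT_ID = "iconics-web-login"
SECRET = b"constructed-demo-secret"
LOCAL_USERS = {"alice@example.test": "Operators"}  # IdP identity -> existing local user's group

def _b64d(part):
    return base64.urlsafe_b64decode(part + "=" * (-len(part) % 4))

def _b64e(raw):
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def make_token(claims, secret=SECRET, alg="HS256"):
    """Stand-in for the identity provider: sign a claims set as a compact JWT."""
    head = _b64e(json.dumps({"alg": alg, "typ": "JWT"}).encode())
    signing_input = head + "." + _b64e(json.dumps(claims).encode())
    sig = hmac.new(secret, signing_input.encode(), hashlib.sha256).digest()
    return signing_input + "." + _b64e(sig)

def login_with_token(token, now=None):
    """Relying-party side: validate the token, then match it to an existing local user."""
    now = time.time() if now is None else now
    try:
        head_b64, body_b64, sig_b64 = token.split(".")
        header, claims = json.loads(_b64d(head_b64)), json.loads(_b64d(body_b64))
        sig = _b64d(sig_b64)
        if not (isinstance(header, dict) and isinstance(claims, dict)):
            raise ValueError("header and claims must be JSON objects")
    except (ValueError, TypeError):
        return None, "malformed token"
    if header.get("alg") != "HS256":  # pin the algorithm instead of trusting the header
        return None, "unexpected algorithm"
    expected = hmac.new(SECRET, f"{head_b64}.{body_b64}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(sig, expected):
        return None, "bad signature"
    if claims.get("iss") != ISSUER:
        return None, "wrong issuer"
    aud = claims.get("aud")
    if CLIENT_ID not in (aud if isinstance(aud, list) else [aud]):
        return None, "wrong audience"
    if not isinstance(claims.get("exp"), (int, float)) or claims["exp"] <= now:
        return None, "expired"
    email = claims.get("email")
    group = LOCAL_USERS.get(email) if isinstance(email, str) else None
    if group is None:  # authenticated at the IdP, but not an existing local user
        return None, "no matching local user"
    return {"user": email, "group": group}, "ok"
```

A user who authenticates successfully at the provider but has no matching local account is still refused, which is the behavior to verify when testing any such integration.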

Organizations that already provide security via a compatible identity provider can have users log in to ICONICS with those credentials, without requiring them to remember a separate password for their ICONICS account.

Notes:

  • Support for specific identity providers, such as Okta, relies on their continued support for the OpenID Connect or SAML 2.0 standards.
  • GENESIS64's SAML 2.0 implementation is sufficient to log in to GENESIS64 under most circumstances, but some features of the protocol may be unsupported, for example IdP-initiated login.