External Identity Providers Overview

GENESIS Security supports external identity providers through OpenID Connect (OIDC) and SAML 2.0, enabling organizations to integrate their existing identity management solutions for secure, centralized authentication. With this integration, you can log into GENESIS using credentials from third-party identity providers, such as Microsoft Entra ID (formerly Azure AD), Okta, or any other compatible provider that supports these protocols.

When you log into GENESIS through an external identity provider (OIDC or SAML), the process is seamless and simple. Instead of entering GENESIS-specific credentials, you are redirected to the log-in page of your external identity provider, such as Entra ID or Okta. For example, if your organization uses Entra ID, you enter your Entra ID credentials (username and password, possibly with multifactor authentication) on the familiar Microsoft log-in screen. Upon successful authentication, the identity provider issues a token and sends it back to GENESIS.

GENESIS validates the token and maps it to an internal GENESIS user that is either defined in the GENESIS database or sourced from an on-premises Active Directory or from Microsoft Entra ID. The system checks this user for any predefined permissions or group memberships and grants access accordingly. You are now logged into GENESIS with all the rights and restrictions defined by the internal security configuration, having used your organization's standard log-in credentials. With the benefit of single sign-on (SSO), you do not need to remember a separate set of log-in details for the system.
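The validate-and-map step described above, as an added example that is not GENESIS code: it checks a returned token's algorithm, signature, issuer, audience, expiry and nonce, then resolves the subject to a constructed internal user record that carries the permissions. The issuer, audience, HS256 shared secret and user table are assumptions for the demo (a real IdP signs with published asymmetric keys and the internal user would come from the GENESIS database, Active Directory or Entra ID).

```python
import base64, hashlib, hmac, json, time
# Assumed configuration values for this example (a real deployment loads them from its IdP settings).
EXPECTED_ISSUER = "https://idp.example.test/"
EXPECTED_AUDIENCE = "genesis-client-id"
SIGNING_SECRET = b"example-shared-secret"  # stand-in for the IdP's published signing key

# Constructed internal user store: IdP subject -> GENESIS-side user and permissions.
INTERNAL_USERS = {
    "idp-sub-1234": {"name": "jdoe", "groups": ["Operators"], "permissions": ["view_alarms"]},
}

def _b64url_decode(s: str) -> bytes:
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))

def _b64url_encode(b: bytes) -> str:
    return base64.urlsafe_b64encode(b).rstrip(b"=").decode()

def issue_token(claims: dict) -> str:
    """Build an HS256-signed token the way the example IdP would (demo only)."""
    header = _b64url_encode(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    body = _b64url_encode(json.dumps(claims).encode())
    sig = hmac.new(SIGNING_SECRET, f"{header}.{body}".encode(), hashlib.sha256).digest()
    return f"{header}.{body}.{_b64url_encode(sig)}"

def validate_token(token: str, expected_nonce: str, now=None) -> dict:
    """Check algorithm, signature, issuer, audience, expiry and nonce; return the claims."""
    now = time.time() if now is None else now
    header_b64, body_b64, sig_b64 = token.split(".")  # wrong part count raises ValueError
    if json.loads(_b64url_decode(header_b64)).get("alg") != "HS256":
        raise ValueError("unexpected alg")  # never accept 'none' or an unconfigured algorithm
    expected = hmac.new(SIGNING_SECRET, f"{header_b64}.{body_b64}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, _b64url_decode(sig_b64)):
        raise ValueError("bad signature")
    claims = json.loads(_b64url_decode(body_b64))
    if claims.get("iss") != EXPECTED_ISSUER:
        raise ValueError("wrong issuer")
    if claims.get("aud") != EXPECTED_AUDIENCE:
        raise ValueError("token not issued for this client")
    if claims.get("exp", 0) <= now:
        raise ValueError("token expired")
    if claims.get("nonce") != expected_nonce:
        raise ValueError("nonce mismatch")  # ties the token to this specific login attempt
    return claims

def map_to_internal_user(claims: dict) -> dict:
    user = INTERNAL_USERS.get(claims.get("sub"))  # subject -> GENESIS-side user record
    if user is None:
        raise ValueError("no internal user for subject")
    return user
```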

GENESIS can also act as an OpenID Connect identity provider (OIDC IdP). In this mode, it serves as the authentication provider for third-party clients like Cortana, Alexa, or custom web applications. This feature allows external applications to authenticate users against the GENESIS security system, obtaining an OIDC token that grants access to secured data and operations within the GENESIS environment. By operating as an OIDC IdP, GENESIS enables secure interactions between external systems and its own components.

What's Next?