External Identity Providers are used to provide the user authentication with BlueDolphin. This way BlueDolphin does not store the confidential data of its users. Trusted parties take care of all the confidential data.
The communication between BlueDolphin and the trusted Identity Providers is carried out by the Microsoft Access and Control Service, which can be displayed as shown in the image below.
Element |
Description |
Client |
The client from which authentication is initiated |
IP |
The Identity Provider which has to carry out the user authentication |
ACS |
Microsoft Access and Control Service ensures the received token from the user authentication is converted to an ACS token. This can be used by BlueDolphin. |
RP |
In this case the Relying party application is BlueDolphin |
At the moment, we support the following Identity Providers within BlueDolphin:
- Active Directory (Through federation)
- Own Windows Microsoft Entra Directory
- BlueDolphin Active Directory
- Windows Live
Within BlueDolphin, we can configure the login method per customer. The choice of the validation method depends on your organization's capabilities and wishes.
Identity Provider |
Beheerslast |
Active Directory (federated) |
Client |
Eigen Windows Microsoft Entra Directory |
Client |
BlueDolphin Active Directory |
ValueBlue |
Windows Live |
User |
|
User |
Active Directory
If you want to use your own (local) Active Directory for validation, it must be open for federation. ADFS 2.0 must be installed and configured for this. Please contact ValueBlue in order to use your local Active Directory after the ADFS installation.
Windows Microsoft Entra Directory
You can create an Active Directory within Microsoft Entra ID in case it is not possible or desirable to use your local Active Directory and you want to keep management in your own hands. This does not necessarily lead to additional costs if you only use the basic functions. Please see Microsoft Entra ID pricing for more information.
BlueDolphin Active Directory
You can use the BlueDolphin AD option if you do not wish to login using a “social” Identity Provider and the above options are not possible. This is an Active Directory that is specifically designed for user of BlueDolphin.
Windows Live/Google/Facebook
Your users often have an account on one of these networks. These providers can be safely used to validate your users.
Comments
0 comments
Please sign in to leave a comment.