5.11.8 Modifying An Authentication Card for Liberty or SAML 2.0

When you create an identity provider, you must configure an authentication card.

  1. Click Devices > Identity Servers > Edit > [Protocol] > [Identity Provider] > Authentication Card.

  2. Specify the following details:

    Field

    Description

    ID

    To reference this card outside of the user interface, specify an alphanumeric value. If you do not assign a value, Identity Server creates one for its internal use. The internal value is not persistent: it changes whenever Identity Server is restarted. A specified value is persistent.

    Text

    Specify the text that is displayed on the card to the user. Users rely on this text, in combination with the image, to identify the provider they are logging in to.

    Image

    Select an image to be displayed on the card.

    Show Card

    Select this option to show the card to users. This allows a user to select and use the card for authentication. If this option is not selected, the card is used only when a service provider makes a request for the card.

    NOTE: Do not deselect this option for the default contracts.

    Passive Authentication Only

    Select this option if you do not want Identity Server to prompt a user for credentials. If Identity Server can fulfill the authentication request without any user interaction, the authentication succeeds. Otherwise, it fails.

    Satisfies Contract

    Select required contracts from Available contracts and move them to Satisfies contract.

    If the Access Manager identity provider is unable to execute the requested authentication contract, it looks for a configured external identity provider that satisfies the incoming authentication (contract) request. This happens when the Satisfiable by External Contract option is enabled. If a match is found, the identity provider lists all the satisfiable contracts so that the appropriate contract can be selected. If only a single match is found, the identity provider redirects to that external contract.

    If the local identity provider is able to authenticate by using a local contract, which is satisfiable by an external provider, then the first preference is given to the local contract along with the other authentication cards listed.

    To configure the contract matching criteria, see Allowable Class in Section 5.1.4, Configuring Authentication Contracts.

  3. Click OK > OK and update Identity Server.