Access Evo

Setting up Federation in Access Identity can be completed by you in six steps. This guide provides you with an overview, as well as direct links, to what activities you need to complete to quickly and effectively set up Federation.

___________________________________________________________

Before you can use Federation in Access Identity you must have completed the following prerequisites:

Your chosen OpenID Connect Identity Provider must be installed, configured, and publicly accessible via HTTPS.

The installation, configuration and testing of your chosen OpenID Connect Identity Provider are outside the scope of this document.

- Your chosen OpenID Connect Identity Provider must be installed, configured, and publicly accessible via HTTPS.
- The installation, configuration and testing of your chosen OpenID Connect Identity Provider are outside the scope of this document.

The following shows the steps needed to configure Federation in Access Identity:

Configure an OpenID Connect Identity Provider for Access Identity

To use Federation with Access Identity, the OpenID Connect Identity Provider (e.g. AD FS 2016 (or above), Microsoft Entra ID etc.) you wish to use must be configured to add Access Identity as an Application.

You can find support to configure AD FS 2016 (or above) and Microsoft Entra ID. For other providers, they provide similar capabilities but we can't provide specific instructions.

<a href="https://accessgroup.my.site.com/Support/s/article/Access-Workspace-How-to-configure-Access-Identity-as-an-Application-in-AD-FS-2016?language=en_US" target="_blank" rel="nofollow noopener noreferrer">Configure Access Identity as an Application in AD FS 2016 (or above)</a>.

<a href="https://accessgroup.my.site.com/Support/s/article/Access-Workspace-How-to-configure-Access-Identity-as-an-Application-in-Azure-AD?language=en_US" target="_blank" rel="nofollow noopener noreferrer">Configure Access Identity as an Application in Microsoft Entra ID</a>.

- <a href="https://accessgroup.my.site.com/Support/s/article/Access-Workspace-How-to-configure-Access-Identity-as-an-Application-in-AD-FS-2016?language=en_US" target="_blank" rel="nofollow noopener noreferrer">Configure Access Identity as an Application in AD FS 2016 (or above)</a>.
- <a href="https://accessgroup.my.site.com/Support/s/article/Access-Workspace-How-to-configure-Access-Identity-as-an-Application-in-Azure-AD?language=en_US" target="_blank" rel="nofollow noopener noreferrer">Configure Access Identity as an Application in Microsoft Entra ID</a>.

Security Policies allow you to set Session, Authentication, Two-Factor Authentication and Federation policies that are then applied to your users.

<a href="https://accessgroup.my.site.com/Support/s/article/Access-Workspace-How-do-I-create-and-configure-a-Security-Policy?language=en_US" target="_blank" rel="nofollow noopener noreferrer">Create and configure a Security Policy &gt;</a>

Next, you need to ensure you've configured specific settings required for Federation to work as expected.

<a href="https://accessgroup.my.site.com/Support/s/article/Access-Workspace-How-to-configure-and-test-Federation-Settings?language=en_US" target="_blank" rel="nofollow noopener noreferrer">Configure and test Federation Settings &gt;</a>

Before Federation settings can be configured in Access Identity you must first verify you're the owner of your organisation’s email domain. This is the part of your user’s email address after the @.

You can find support for verifying your domain ownership using this guide: <a href="https://accessgroup.my.site.com/Support/s/article/Access-Workspace-Domain-Verification" target="_blank" rel="nofollow noopener noreferrer">Domain Verification</a>.

Assign the Security Policy to the Verified Domain and Enable the Domain

To enable the Federation settings within the Security Policy and apply these settings to your users, you need to assign the security policy to your verified Domain and ensure that the Enable federation option is enabled.

If you're currently engaged with an Access Consultant on this configuration step, contact them to action this.

If you're migrating to Access Workspace via a Self-Serve approach, <a href="https://accessgroup.my.site.com/Support/s/createcase" target="_blank" rel="nofollow noopener noreferrer">raise a case</a> with us and when raising the case, in the Product Area field, select Integration – Workspace. 

- If you're currently engaged with an Access Consultant on this configuration step, contact them to action this.
- If you're migrating to Access Workspace via a Self-Serve approach, <a href="https://accessgroup.my.site.com/Support/s/createcase" target="_blank" rel="nofollow noopener noreferrer">raise a case</a> with us and when raising the case, in the Product Area field, select Integration – Workspace. 

<a href="https://accessgroup.my.site.com/Support/s/article/Access-Workspace-How-do-I-create-and-configure-a-Security-Policy" target="_blank" rel="nofollow noopener noreferrer">Create and configure a Security Policy &gt;</a>

You should now have successfully set up Federation in Access Identity. If you require support at this time, please raise a new case online or reach out to your Customer Success Manager.

Learn how to configure Federation in Access Identity

Configure Federation in Access Identity

Find answers and get help from Intercom Support and Community Experts

This site employs cookies and other technologies that we and our third party vendors use to monitor and record personal information about you and your interactions with the site (including content viewed, cursor movements, screen recordings, and chat contents) for the purposes described in our Cookie Policy. By continuing to visit our site, you agree to our {websiteTermsLink}, {privacyPolicyLink} and {cookiePolicyLink}.

This site uses cookies and similar technologies ("cookies") as strictly necessary for site operation. We and our partners also would like to set additional cookies to enable site performance analytics, functionality, advertising and social media features. See our {cookiePolicyLink} for details. You can change your cookie preferences in our Cookie Settings.

We use cookies to make our site work and also for analytics and advertising purposes. You can enable or disable optional cookies as desired. See our {cookiePolicyLink} for more details.

You have the right to opt out of the sale of your personal information. See our {cookiePolicyLink} for more details about how we use your data.

Your Privacy Choices

We use cookies to enhance your experience. You can customize your cookie preferences below. See our {cookiePolicyLink} for more details.

Cookie Settings

Link, Press control-option-right-arrow to exit

Empty Help Center

Uh oh. That page doesn’t exist.

Disappointed

Neutral

Smiley

Thinking...

Searching through sources...

Analyzing...

Tickets submitted through the messenger or by a support agent in your conversation will appear here.

Configure Federation in Access Identity

Prerequisites

Federation configuration

Configure an OpenID Connect Identity Provider for Access Identity

Create a Security Policy

Configure and test Federation Settings

Verify Email Domain Ownership

Assign the Security Policy to the Verified Domain and Enable the Domain