xct1h (xct1h) asked a question.
What is federated User in Okta
Hi
I am trying to understand how user with provider type FEDERATION is used in Okta.
The Okta api Documentation, (https://developer.okta.com/docs/reference/api/users/*create-user-with-authentication-provider)
The api creates a new passwordless user with a FEDERATION.
What does passwordless mean here?
My understanding is
- We need to integrate any third party system with okta as a trusted Identity Provider (e.g. MicroSoft Azure
- The Okta system acts as service provider and any third party system acts as Identity provider.
- When we create user with provider type FEDERATION into Okta, Okta will map the user properties with Identity provider account, and if match found the Okta user and Identity provider account gets correlate.
- Now if User try to login into Okta it will not asked Okta password and directed to Identity provider for authentication.
Is my understanding is correct?
Hello,
Identity Provider: An identity provider (IdP) is a system entity that creates, maintains, and manages identity information for principals while providing authentication services to relying party applications within a federation or distributed network. An identity provider offers user authentication as a service.
Federation: Identity federation is an arrangement that can be made between multiple entities to let subscribers use the same identification data to obtain access to the networks of all the enterprises in the group. In simple terms, it's a way to 'login' to an app without needing a username/password for that app.
Instead, an IdP authenticates the user, and the app 'trusts' that IdP to assert a users identity for them.
Inbound Federation: Generic support for external Identity Providers connected to an Okta org, at a protocol level (SAML and OpenID Connect). For inbound federation, Okta can be consider an "app" that a user is logging into from another IdP.
Social Authentication: White-label support for specific Identity Providers connected to an Okta org, with out of the box configuration built by Okta's engineering team. (Facebook, Google, Microsoft, LinkedIn)