Note
To link multiple domains to the primary domain, ensure that you complete the following:
- Complete the IdP configuration for the primary domain and keep it active.
- Prove mastery of all domains you want to link to the primary domain.
Single-domain IdP Authentication
To configure IdP authentication for a single domain, complete the following:
- Log in to the Infoblox SSO Portal at https://sso.infoblox.com/.
- On the 3rd Party IDP page, click Select Domain on the upper-right navigation bar.
- From the Select Domain drop-down menu, select a domain on which you want to configure 3rd party IdP.
- After you select the domain, select the protocol to use for the connection between your IdP and the SSO Portal. From the Select IDP Protocol menu, select one of the following:
  - SAML 2.0 for Okta and ForgeRock
  - Azure SAML for Azure AD (Active Directory)
The SSO Portal displays the selected domain and protocol, as shown below:
- After you have selected a domain and a protocol, you can complete the following 3rd party IdP settings:
Multiple-domain IdP Authentication
Before you configure multiple-domain IdP authentication, consider the following:
- The primary domain configuration, including group mappings, applies to all linked domains. The configuration for linked domains is a read-only copy of the primary domain configuration. To edit the IdP configuration, you must select the primary domain from the Select IDP Protocol drop-down menu.
- Deactivating or resetting the primary domain will unlink all domains, resulting in the need to re-link them after reactivation.
To configure IdP authentication for multiple domains, complete the following:
- Log in to the Infoblox SSO Portal at https://sso.infoblox.com/.
- On the 3rd Party IDP page, click Select Domain on the upper-right navigation bar.
- From the Select Domain drop-down menu, select the domain you want to link to the primary domain.
- From the Select IDP Protocol menu, select Link to <primary domain> <IdP Protocol>, where primary domain is the domain name of the primary domain and IdP protocol is the federated IdP configuration of the primary domain.
In the following example, you would select Link to Test.com SAML 2.0 from the drop-down menu to link Example.domain.com to Test.com using the SAML 2.0 IdP configuration.
- In the warning dialog, click Confirm to confirm that you want to link the domain to the primary domain.
- To the right of the domain name, the Cloud Services Portal displays the federation status and the primary domain to which this domain is linked, as follows:
- Repeat the above steps if you want to link multiple domains to the primary domain. Note that all linked domains share the same IdP configuration of the primary domain.
Unlinking a Domain from Multiple-Domain IdP
To unlink a domain from the primary domain, complete the following:
- Log in to the Infoblox SSO Portal at https://sso.infoblox.com/.
- On the 3rd Party IDP page, click Select IDP Protocol on the upper-right navigation bar.
- From the Activate drop-down menu, select Unlink from <primary domain>, as shown in the following: