Identity & Access - Identity Providers

In Identity & Access, add an Identity Provider A system entity that creates, maintains, and manages identity information for principals and also provides authentication services to relying applications within a federation or distributed network. Acronym: IdP or IDP. (IdP) to authenticate your organization's users through SSO Single Sign-On (SSO) - A session/user authentication process that permits a user to enter one name and password in order to access multiple applications. (Single Sign-On). In addition, the use of an Identity Provider gives you the control to set permissions and policies based on the organization's identities. When logged in to the Infinity Portal, you get access through SSO to all of the different services offered through the portal, such as Harmony Endpoint, or Quantum Smart-1 Cloud.

Note - You can set a maximum of five different Identity Providers for each account.

How to Integrate with an Identity Provider

1. Below Identity Providers, click the plus icon.
   The Integration wizard opens and shows a list of Identity Providers.

2. For the specific Identity Provider, go to the SSO Authentication page and open the instructions. See SSO Authentication Setup with Identity Provider.

How to Change an Identity Provider Integration

1. In the Infinity Portal go to > Identity & Access.

2. On the Identity Provider (IdP) card, click .

   

3. Click one of these options:

   • Edit

     The IDP INTEGRATION window opens.

     You can edit configurations in the IDP INTEGRATION window. For more information, see the configuration instructions for the Identity Provider:

     • Microsoft ADFS

     • Microsoft Entra ID (formerly Azure AD)

     • Okta

     • OneLogin

     • Ping Identity

     • Generic SAML Server

     • RADIUS

     • Duo

     Note - When you edit an IdP configuration, remote users are disconnected after you apply the changes.

   • Disable - Stops the SSO. The existing SSO authentication details stay in the system. You can start the authentication again, if necessary.

   • Remove - Deletes the existing SSO authentication details. If you configure the SSO authentication with a different SSO provider, then Infinity Portal does not keep the former provider's details.

   • Test Connectivity - Tests connectivity between the IdP and Check Point SSO authentication.

How to Regenerate a SCIM API Token

If you configured a SCIM API token and it is expired, near its expiration date, or lost, then regenerate the token.

1. In the Infinity Portal go to > Identity & Access.

2. On the relevant Identity Provider (IdP) card, click .

3. Click Edit.

   The IDP INTEGRATION window opens.

4. Open the Set Directory Integration tab.

5. Click Regenerate Token.

   Important - After you click Regenerate token, Infinity Portal creates a new token that overwrites the existing token.

6. Copy and save the SCIM API Token.

7. Copy and save the URL.

8. In a new browser tab, open the IdP's portal. Keep the Infinity Portal open.

9. In the IDP's portal:

   1. Paste the URL from the Infinity Portal.

   2. Paste the SCIM API Token from the Infinity Portal.

   3. Test the connectivity.

   For details, see SCIM configuration instructions for Microsoft Entra ID or for Okta.

10. In the Infinity Portal, click Apply.