Integration Type for an Identity Provider

A unique URL is a link to a specific web address (in this case, an Infinity Portal account). This URL is unique because it includes authentication information that allows the Infinity Portal to give or deny access based on a preconfigured IdP authentication procedure. If you have multiple Infinity Portal accounts, you may want to use the same IdP for all accounts to simplify user management. Alternatively, you may select to use a unique URL for specific accounts to provide additional security or control.

  • Your IdP is associated only with one Infinity Portal account.

  • Users log in through the Infinity Portal login page.

  • Require domain validation.

Without a unique URL, to log in to the Infinity Portal, users first enter a preconfigured domain (domain verification) that has been set up by the administrator. To validate the user's credentials, the portal sends them to the configured IdP. If the IdP authenticates the user, access to the Infinity Portal is given and the user is directed to the last opened account.

If the domain is configured with more than one IdP, the portal uses an IdP discovery page to validate the user.

  • Your IdP is associated only with multiple Infinity Portal accounts, which are managed separately.

  • Users can login to the Infinity Portal with the unique URL.

Unique URL removes the domain verification requirement from mandatory to optional. In addition, the unique URL gives users a direct link to a specific Infinity Portal account. To do this, the portal uses the IdP configured for the account.

In this illustration, users click a unique URL to get access to the ACME account, https://portal.checkpoint.com/signin/ACME. The portal then validates the user through the IdP configured for the account, in this case, Okta.

In addition, Infinity Portal administrators or account managers can select one IdP to manage multiple accounts without domain verification. For instance, in this scenario, Okta serves as the IdP for three Infinity Portal accounts labeled as "a," "b," and "c." Even though each account uses Okta as its IdP, the login URLs for each account are distinct, which means that users must access each account through its unique URL

Notes:

Before you start

  • Make sure that you know how to set up an identity provider in the Infinity Portal, see SSO Authentication Setup with Identity Provider.

  • To add the same domain name for a new account is not allowed. When there is no selected domain name, the user can log in only through the unique URL, see SSO Authentication Setup with Identity Provider.

  • Existing Infinity Portal users can continue to log in through the Global URL (portal.checkpoint.com) as long as there is a domain configured. Or they can use the unique URL.

  1. In the Infinity Portal, go to > Identity & Access and select an Identity ProviderClosed A system entity that creates, maintains, and manages identity information for principals and also provides authentication services to relying applications within a federation or distributed network. Acronym: IdP or IDP..

    For specific IdP instructions, see SSO Authentication Setup with Identity Provider.

  2. In step two Integration Type, select Login with a unique URL.

  3. Click to copy the unique URL. Make sure to save the URL.

  4. To continue, click Next and follow the IdP Integration steps.

  1. In the Infinity Portal, go to > General.

  2. The Unique Login URL shows below the account's name.

  3. To copy the URL, click .