General
There is the option to connect existing Identity Providers (IdP) via SSO. This allows your users to log into Famedly using their existing credentials. We support the following IdP systems:
- LDAP (Lightweight Directory Access Protocol)
- Active Directory (AD)
- Google Workspace
- Microsoft Entra ID (formerly Azure AD)
- Keycloak
- WSO2
Process
- During a setup appointment, we exchange the necessary configuration files and implement the connection. The required configurations and secrets vary depending on the platform being connected.
- After successful connection, users are automatically redirected to your IdP and sign in with their existing credentials.
- If users have the required permissions for Famedly, we automatically create an account, and they can start using Famedly immediately.
Benefits
- Quick and straightforward integration
- Centralized user management: All user accounts are managed in one place
- Enhanced security through unified authentication standards
- Reduced administrative effort
- Better user experience through Single Sign-On
- Automated user provisioning
Challenges
- Dependency on the Identity Provider – login is not possible during outages
- No automatic deletion of deactivated users from the IdP
If you use an existing authentication procedure of your organisation for the login of users or if this is made possible by us as a provider, please note the following:
In this case, the responsibility for the security of user authentication lies with your organisation. Please ensure that the procedure used meets the current security requirements and is regularly maintained.
It must also be ensured that the authentication procedure is fully under the control of your organisation. In particular, this means that authentication means (e.g. passwords, tokens, certificates) can be managed by your organisation and blocked if necessary.
These requirements are necessary to ensure secure and traceable authentication of your users.