How to Configure an Identity Provider Client in the IGEL UMS Web App

You need to configure the Identity Provider (IdP) client and map IdP roles to user groups to enable Single Sign-On (SSO) for your IGEL Universal Management Suite (UMS). This article helps with configuring an IdP client using the IGEL UMS Web App.

You can also configure the IdP client in the IGEL UMS Console, see Identity Provider Configuration in IGEL UMS .

Prerequisites

• You need to configure an application for the IGEL UMS in your IdP.

Permission Requirement

• The Identity Provider tab is only visible for users with the Administrator Accounts permission. This permission can be set both in the UMS Web App and UMS Console, see How to Manage Global Permissions in the IGEL UMS Web App .

• The Identity Provider client configuration dialog is read-only for users with read permission for the Identity Provider node. You need write permissions for the Identity Provider node of the UMS Console to configure IdP clients in the UMS Web App. The permission can be set through the UMS Console structure tree. For details, see https://kb.igel.com/en/universal-management-suite/current/access-rights .

Configuring the IdP Cient

1. Go to User Management > Identity Provider Roles.

2. Click the gear icon to open the Settings dialog.

3. Enter the details to configure the IdP client:

• Display name: The name of your IdP client configuration, that will be displayed in UMS (e.g., “Okta SSO” or “Ping Configuration”).

• Issuer URI: The URL provided by your IdP (e.g. “https://auth.pingone.eu/…”).

• Client ID: The Client ID provided by your IdP.

• Client secret: The secret key provided when you registered your application with the IdP. Click the eye icon to toggle visibility if needed.

3. After filling in all fields, click Discover to establish the connection.

If the discovery is successful, and the IdP validates it, the button changes to Show details. Click to check the details of the configuration.

After the client is configured, you can assign IdP roles to user groups, see How to Map Identity Provider Roles in the IGEL UMS Web App.

4. You can click Reset configuration to clear the data and start over.

All users who log in through the configured IdP will not be able to access the UMS after the reset.