IronDiff supports SAML 2.0 for enterprise Single Sign-On (SSO). This allows you to centralize user management and leverage your existing identity provider (IdP) for authentication and authorization.

SAML Setup Process

To integrate your IdP (such as Azure AD, Okta, or Google Workspace) with IronDiff:

  1. Portal Configuration: Navigate to the Organization settings in your IronDiff Portal to retrieve your ACS URL and Entity ID.
  2. Identity Provider Setup: Create a new SAML application in your IdP using the URLs provided in the portal.
  3. Attribute Mapping: Configure your IdP to send the following mandatory attributes:
    • email
    • givenname
    • surname

Group Management & Administrative Rights

If you want to use enterprise groups to manage administrative rights within IronDiff:

  • Group Claims: You must add a group claim for user groups in your IdP configuration.
  • Source Attribute: Set the group claim to use the Group ID (or Object ID) as the source attribute.
  • Mapping: In the IronDiff Portal, you can then map these specific Group IDs to administrative roles.

By using the Group ID as the source attribute, you ensure that administrative rights are managed securely and dynamically based on the user’s directory membership.
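A pre-flight check for the attribute and group-claim setup above, run against a decoded assertion captured from a test login. This is an added example, not IronDiff code: the group claim name `groups`, the role map and the sample assertion are constructed assumptions, and the script inspects attributes only (it does not verify the assertion's signature).

```python
import xml.etree.ElementTree as ET

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}
MANDATORY = ("email", "givenname", "surname")   # names listed on this page
GROUP_CLAIM = "groups"                          # assumption: your IdP's group claim name

# Constructed role mapping: Group ID -> role, mirroring what you enter in the portal.
ROLE_MAP = {"3f1c9a52-7b1e-4c0d-9a6e-000000000001": "admin"}

# Constructed sample assertion (unsigned, trimmed to the AttributeStatement).
SAMPLE = """<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
  <saml:AttributeStatement>
    <saml:Attribute Name="email"><saml:AttributeValue>ana@example.com</saml:AttributeValue></saml:Attribute>
    <saml:Attribute Name="givenname"><saml:AttributeValue>Ana</saml:AttributeValue></saml:Attribute>
    <saml:Attribute Name="surname"><saml:AttributeValue> </saml:AttributeValue></saml:Attribute>
    <saml:Attribute Name="groups">
      <saml:AttributeValue>3f1c9a52-7b1e-4c0d-9a6e-000000000001</saml:AttributeValue>
      <saml:AttributeValue>IronDiff Admins</saml:AttributeValue>
    </saml:Attribute>
  </saml:AttributeStatement>
</saml:Assertion>"""


def read_attributes(assertion_xml):
    """Return {attribute Name: [non-empty values]} from every AttributeStatement."""
    root = ET.fromstring(assertion_xml)
    attrs = {}
    for attr in root.iterfind(".//saml:AttributeStatement/saml:Attribute", NS):
        values = [(v.text or "").strip() for v in attr.iterfind("saml:AttributeValue", NS)]
        attrs.setdefault(attr.get("Name"), []).extend(v for v in values if v)
    return attrs


def preflight(assertion_xml, role_map=ROLE_MAP):
    """Report missing mandatory attributes, granted roles and unmapped group values."""
    attrs = read_attributes(assertion_xml)
    groups = attrs.get(GROUP_CLAIM, [])
    return {
        "missing": [n for n in MANDATORY if not attrs.get(n)],
        "roles": sorted({role_map[g] for g in groups if g in role_map}),
        "unmapped_groups": [g for g in groups if g not in role_map],
    }


if __name__ == "__main__":
    print(preflight(SAMPLE))
```

In the sample, the blank `surname` is reported as missing, and the display name `IronDiff Admins` lands in `unmapped_groups`, which is what you would see if the group claim's source attribute were set to the group name instead of the Group ID.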