How to connect
FoxIDs becomes an IdP when you register an application, which is where you connect applications and APIs. External IdPs are connected with authentication methods.
By configuring a SAML 2.0 authentication method and an OpenID Connect application, FoxIDs becomes a bridge between SAML 2.0 and OpenID Connect. FoxIDs then handles the SAML 2.0 connection, and you only need to care about OpenID Connect in your application. You can optionally select multiple authentication methods from the same OpenID Connect application.
If needed, you can connect two FoxIDs environments.
Take a look at the FoxIDs test connections in FoxIDs Control: https://control.foxids.com/test-corp
Get read access with the user [email protected] and password TestAccess!
How to connect applications
When you register an application with either OpenID Connect or SAML 2.0, FoxIDs becomes an OpenID Provider (OP) / Identity Provider (IdP). You would most often connect applications and APIs, but an application registration can also be used as an OP / IdP for an external system, where the external system is the relying party (RP).
OpenID Connect and OAuth 2.0
It is recommended to secure applications and APIs with OpenID Connect and OAuth 2.0. Please see the samples.
SAML 2.0
Configure SAML 2.0 to be an Identity Provider (IdP).
How-to guides:
- Connect test IdP on Context Handler (Danish identity broker, DK name: Fælleskommunal Adgangsstyring)
How to connect authentication methods
An external OpenID Provider (OP) / Identity Provider (IdP) can be connected with an OpenID Connect or SAML 2.0 authentication method.
All IdPs supporting either OpenID Connect or SAML 2.0 can be connected to FoxIDs. The following are how-to guides for some IdPs; more guides will be added over time.
OpenID Connect
Configure OpenID Connect to trust an external OpenID Provider (OP). An Identity Provider (IdP) is called an OpenID Provider (OP) when it is configured with OpenID Connect.
How-to guides:
- Connect IdentityServer
- Connect Microsoft Entra ID (Azure AD)
- Connect Azure AD B2C
- Connect Google
- Connect Facebook
- Connect Signicat
- Connect Nets eID Broker
SAML 2.0
Configure SAML 2.0 to trust an external Identity Provider (IdP).
How-to guides:
- Connect PingIdentity / PingOne
- Connect Microsoft AD FS
- Connect NemLog-in (Danish IdP)
- Connect Context Handler (Danish identity broker, DK name: Fælleskommunal Adgangsstyring)
Connect FoxIDs environments
It is possible to interconnect FoxIDs environments with an Environment Link or OpenID Connect.
You can connect two environments in the same tenant with an Environment Link.
Environment Links are fast and secure, but they can only be used to connect environments within a tenant.
It is recommended to use an Environment Link if you need to connect environments in the same tenant.
You can connect two environments in the same or different tenants with OpenID Connect. The configuration is more complex than with an Environment Link. OpenID Connect is secure, and you can connect all environments regardless of which tenant they are in. There is basically no difference between external OpenID Connect connections and the internal connections used between environments.