Skip to main content
Skip table of contents

IDP Proxy

My-Access supports SAML2, OIDC and OAuth2 protocols as Service Provider (SP) in a scenario where user authentication/authorization is delegated to an external Social Network (Meta, Google, X, etc.) or private third party Identity Provider (IdP) using their own local credentials.

In these scenarios, My-Access and external IdPs must share a unique identifier for each user. This identifier acts as a correlation key during the authentication process. My-Access supports registration of user accounts by consuming SAML attributes.

image-20240705-114653.png

Use My-Access as IdP Proxy to social platforms or private IdPs.

Enrollment process

Enrollment

IDP Proxy authentication does not require any specific enrollment from the user’s perspective.

Authentication process

As for other authentication modes, once the method activated, a new module will be available. Users will be able to click on the associated tile, or will automatically be redirected to the third-party IDP based on the settings (e.g. all @acme.com users are redirected to the third-party IDP).

Memority supports login_hint to make the authentication process easier (users do not need to type their login twice).

Sans titre-20250106-123544.png

Read Next

FIDO2 For Windows Hello, Yubikeys & Passwordless Authentication — My-Access offers Passwordless Authentication using Fido2 or Windows Hello tokens. FIDO2 is the passwordless evolution of FIDO U2F.
OTP SMS / Mail authentication — My-Access offers authentication via OTP sent by email or SMS, compatible with authentication to access Web applications, mobile applications and heavy clients.
OATH For Authenticator Apps — My-Access offers authentication through OATH to generate TOTPs on mobile Authenticator Apps such as Google Authenticator, Microsoft Authenticator or any other eligible application.
x509 Certificates For Chip Cards & Badges — My-Access offers Authentication using x509 certificates, namely for chip card (badges) authentication or for certificates stored in browsers.
Passwords (Including LDAP/AD passwords) — Memority offers password authentication natively.
IDP Proxy — My-Access supports SAML2, OIDC and OAuth2 protocols as Service Provider (SP) in a scenario where user authentication/authorization is delegated to an external Social Network (Meta, Google, X, etc.) or private third party Identity Provider (IdP) using their own local credentials.
Kerberos Authentication — My-Access supports transparent Kerberos authentication.
Secure Cookie — Memority provides authentication via Secure Cookie (“Trust this device”), which is mostly used in B2C contexts.
JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close