Federated authentication allows a source other than the Vibe server to handle user authentication to Vibe Cloud. To perform federated authentication, your organization must have its own identity provider that supports the SAML 2.0 protocol. The identity provider then passes user attributes (such as users’ names and e-mail addresses) to Vibe.
For example, when a user specifies the Vibe URL in a browser, Vibe redirects the user to the identity provider for login rather than to the Vibe login screen. The user specifies his or her login credentials, then the identity provider verifies the user’s credentials and redirects the user back to Vibe, which allows the user access to Vibe without requiring additional authorization. Vibe never sees the user login credentials because of the trusted relationship between Vibe and the identity provider.
You can leverage federated authentication for the following two purposes when configuring Vibe users:
User Authentication: Your corporation’s identity provider authenticates the user and passes the user’s credentials to Vibe.
User Provisioning: Vibe automatically creates an account for a user who is not in the Vibe system when the user authenticates through federated authentication.
To set up federation between Vibe and the identity provider, you must configure your identity provider to trust Vibe, and you must configure Vibe to trust the identity provider, as described in the following sections: