Managing the Passwords
Logging into IDHub is an important feature. There are multiple ways where passwords are managed for end users by their organization. IDHub provides alternates to use to manage logins for end users.
Ways to Login in IDHub
- To setup login
- Via Keycloak Password Manager
- Via User Federation
- Via SSO/SAML
Let us go into each way in detail
Setup User Logins
Creating users via Service Request will provide default passwords for users to use and login to IDHub. However, password management is an important feature in any Identity management application and is very specific to every organization. Below are ways it can be added
Keycloak Password Manager
- IDHub uses keycloak to manage its password and SSO capabilities for each tenant.
- You can either use default passwords set by keycloak on ‘Create User via SR’ OR
- Enter a password for each user in keycloak manually. Make sure login and email attribute in Keycloak matches with a unique user in IDHub application
This is the least recommended login mechanism from IDHub side. This should be used when there are no other forms of login process possible
User Federation
User Federation is a process by which User information is pulled from a target application into IDHub Keycloak and uses passwords that are present in the application users are federated from. Click Here to learn more.
SSO/SAML
SSO/SAML setup is a process by which passwords are avoided completely and users are allowed to login with authentication system of another application to keep a centralised login to all their applications.
Click Here to learn more.