Federation: Integrate with third-party IdP provider
Acceptto integrates well with third-party IdP providers, should you want to stay with your legacy IdP.
The following describes examples of integrations with Okta and Ping Identity.
Okta
There are two options to integrating Acceptto with Okta as an IdP.
IdP chaining (aka Federation). Acceptto assumes the role as an IdP to authenticate users and redirects the flow back to Okta.
Acceptto document: Set up Acceptto single sign-on (SSO) MFA integration with Okta
Acceptto video: Okta-Acceptto Integration – IdP chaining
Okta document: Set up inbound SAML with Acceptto, and use Okta as a service provider (SP)
Factor Sequencing (aka IdP Factor). Okta provides authentication, but uses Acceptto as an authentication / MFA factor.
Acceptto document: Set up Acceptto intelligent multi-factor authentication with Okta
Acceptto video: Okta-Acceptto Integration – IdP factoring
Okta document: Enable Acceptto Passwordless Continuous Authentication for Okta IdP
Important
Take note that MFA Factor Sequencing in Okta is an Early Access feature enabled for your tenant by Okta. If this is not enabled, contact Okta Support.
Ping Identity
There are two options to integrating Acceptto with Ping Identity as an IdP.
PingFederate plugin. Acceptto provides a PingFederate plugin that can be installed and configured on a PingFederate server.
Ping document: Acceptto IdP Factor plugin for PingFederate
Plugin is available in the Acceptto Download Center. For installation and configuration instructions, see this Acceptto document and video.
Direct SAML integration. A more advanced option is to use a direct SAML integration with the Acceptto cloud-based SSO portal. This gives you some flexibility to integrate the SAML flow more tightly to fit your needs.
Both solutions work best with Acceptto LDAP Agent installed on your network to facilitate logins. In some use cases, you can avoid this, but it prevents Acceptto from applying policies based on group membership.