Federation: Integrate with third-party IdP provider
Arculix integrates well with third-party IdP providers, should you want to stay with your legacy IdP.
The following describes examples of integrations with Okta, Ping Identity, and Active Directory Federation Services (AD FS).
These solutions work best with Arculix LDAP Agent installed on your network to facilitate logins. In some use cases, you can avoid this, but it prevents Arculix from applying policies based on group membership.
Okta
There are two options to integrating Arculix with Okta as an IdP.
IdP chaining (aka Federation). Arculix assumes the role as an IdP to authenticate users and redirects the flow back to Okta.
Arculix documentation: Set up Arculix single sign-on (SSO) MFA integration with Okta
Arculix video: Okta-Arculix integration - IdP chaining
Okta documentation: Set up inbound SAML with Arculix, and use Okta as a service provider (SP)
Factor Sequencing (aka IdP Factor). Okta provides authentication, but uses Arculix as an authentication / MFA factor.
Arculix documentation: Set up Arculix intelligent MFA with Okta
Arculix video: Okta-Arculix integration – IdP factoring
Okta documentation: Enable Arculix Passwordless Continuous Authentication for Okta IdP
Important
Take note that MFA Factor Sequencing in Okta is an Early Access feature enabled for your tenant by Okta. If this is not enabled, contact Okta Support.
Ping Identity
There are two options to integrating Arculix with Ping Identity as an IdP.
PingFederate plugin. Arculix provides a PingFederate plugin that you can install and configure on a PingFederate server.
Ping documentation: Arculix (formerly Acceptto) IdP Factor plugin for PingFederate
PingFederate IdP Factor MFA plugin for Arculix is available in the Arculix Download Center. For installation and configuration instructions, see this Arculix document and video.
Direct SAML integration. A more advanced option is to use a direct SAML integration with the Arculix cloud-based SSO portal. This gives you some flexibility to integrate the SAML flow more tightly to fit your needs.
Arculix and PingOne SAML integration: documentation | video
Arculix login video: PingOne + Arculix (IdPChain) - IdP-initiated login
AD FS
The AD FS plugin allows you to add adaptive MFA to Microsoft AD FS.
Arculix AD FS plugin. Arculix provides an AD FS plugin that you can install and configure on a Windows Server.
Arculix documentation: Arculix AD FS