Skip to main content

Store users and user populations in Identity Pools

Identity Pools store user data within the SecureAuth infrastructure, offering an alternative to the Bring Your Own Identity (BYOID) approach. After adding an Identity Pool to your tenant, connect it as an Identity Provider (IdP) to specific workspaces. End users can then log in to SecureAuth or register in the Identity Pool. Choose authentication methods like passwords, one-time passcodes (OTP), or passkeys. This guide explains how to manage Identity Pools and add users.

Prerequisites

  • Access to a SecureAuth tenant

Add an Identity Pool

Create an Identity Pool to store user data and manage authentication settings.

  1. Go to Tenant Settings > Identity Pools.

    identity_pool_001.png
  2. Click Create New.

  3. Configure the basic settings:

    Name

    Display name for the identity pool

    Description

    Optional. Helps identify the pool

    Tag color

    Color used to label the pool in the admin portal

    Sign In / Sign Up

    Choose sign-in methods (verification code, password, or passkey) and enable/disable self-registration

    Schema Settings

    Assign a custom user and metadata schema if needed

  4. Click Create.

    Result: The pool is created but has no users yet.

Add users to an Identity Pool

Add users to an Identity Pool so they can log in and authenticate using the configured methods.

Note

Adding a user to an Identity Pool does not grant immediate access to your applications.

To enable authentication, configure an application and connect the Identity Pool as an authentication provider to the workspace where the client application is added.

  1. Go to Tenant settings > Identity Pools > [Selected Identity Pool] > Users.

  2. Click Create User and fill in the form:

    Email/Mobile

    User identifier for login

    User data

    Required user information based on the assigned schema.

    • Family name – The last name or surname. Example: Smith in John Smith

    • Given name – The first name used to identify an individual. Example: John in John Smith.

    • Name – A general term that refer to a full name (first + last), a nick name, or any other identifier. Example: John Smith as the full name.

    Mode

    Choose how to set user credentials:

    • Send invitation – Sends a link for user registration

    • Set credentials – Admin sets a password for the user

  3. Click Create.

Add groups in an Identity Pool

Groups in an Identity Pool help manage user access and permissions by organizing users with similar roles or needs. For example, in a customer portal, you can create groups for free-tier users and premium subscribers with different feature access. In a B2B scenario, groups can represent different partner organizations, each with specific permissions.

Assign users to groups within an Identity Pool to manage permissions and access control to certain resources.

  1. Go to Tenant settings > Identity Pools > [Selected Identity Pool] > Groups.

  2. Click Create Group and provide a name and description.

  3. Click Assign Users to assign users to the group.

    Note

    You can only assign users to a group if they already exist in the Identity Pool. Create users first before adding them to a group.

Next steps

After setting up an Identity Pool, you can:

  • Connect it as an Identity Provider (IdP) in a workspace to enable authentication and access to a resource.

  • Assign authentication methods, such as passwords, OTPs, or passkeys.

  • Configure security settings, including password policies and verification codes.

  • Add and manage users, including assigning them to groups.

  • Create additional groups or nested groups to organize users by roles or permissions.

  • View and manage users at both the Identity Pool level and within specific groups.

For details on using an Identity Pool as an IdP, see Use SecureAuth for user authentication.