Store users and user populations in Identity Pools
Workspace Identity Pools store user data securely within SecureAuth CIAM, giving you full control over authentication without relying on external identity providers (BYOID). After adding an Identity Pool to your workspace, connect it as an Identity Provider (IdP) to enable user login and registration. Configure authentication methods like passwords, one-time passcodes (OTP), or passkeys to meet your workspace needs. This guide covers how to create and manage Identity Pools in a workspace and add users.
Before you begin
Access to a SecureAuth tenant with a workspace
Add an Identity Pool
Create an Identity Pool in your workspace to store user data and manage authentication settings specific to that workspace.
In your workspace, go to Users and click Create Pool.
Enter the Pool name and Description. Click Create.
Result: The pool is created but has no users yet.
After creating a workspace-level Identity Pool, you can add users in any of the following ways:
Enable self-registration to let users create their own accounts
Migrate users using APIs to import existing user data
Manually add users through the Identity Pool interface (instructions in the next section)
Add users to an Identity Pool
Add users to an Identity Pool so they can log in and authenticate using the configured methods.
Note
Adding a user to an Identity Pool does not grant immediate access to your applications.
To enable authentication, configure an application and connect the Identity Pool as an authentication provider to the workspace where the client application is added.
In your workspace, go to Users and select the Users tab.
Click Create User and fill in the form:
Email/Mobile
User identifier for login
User data
Required user information based on the assigned schema. Examples:
Family name – The last name or surname. Example: John in John Smith.
Given name – The first name. Example: John in John Smith.
Name – A general term that refer to a full name (first + last), a nickname, or any other identifier. Example: John Smith as the full name.
Mode
Choose how to set user credentials:
Send invitation – Sends a link for user registration
Set credentials – Admin sets a password for the user
Click Create.
Add groups in an Identity Pool
Groups in an Identity Pool help manage user access and permissions by organizing users with similar roles or needs. For example, in a customer portal, you can create groups for IT Admins and Employees with different application access. In a B2B scenario, groups can represent different partner organizations, each with specific permissions.
Assign users to groups within an Identity Pool to manage permissions and access control to certain resources.
In your workspace, go to Users and select the Groups tab.
Click Create Group and provide a name and description.
To assign users to the group, select a group and click Assign Users.
Note
You can only assign users to a group if they already exist in the Identity Pool. Create users first before adding them to a group.
Next steps
Once you have an Identity Pool, you can:
Add and manage users, including assigning them to groups.
Set up sign in and sign up methods and enable self-registration.
Assign authentication methods, such as passwords, OTPs, or passkeys.
Configure security settings, including password policies and verification codes.
Connect it as an Identity Provider (IdP) in a workspace for user authentication and access to a resource.