RECIPES › AUTHENTICATION BROKER > MULTIPLE IDP SELECTOR
Multiple IdP Selector
Learning to deploy smart authentication via contextual ldP routing is simple with Maverics recipes. Use this recipe to:
Support mixed user groups and multiple concurrent ldP options with identity coexistence
Enable policy-based application authentication behavior with smart authentication
Recipe summary: Multiple IdP Selector
This recipe demonstrates how the format and structure of a username (UN) can be used to direct logic-based IdP routing for authentication events. This logic supports scenarios where certain user groups who log in using their email address as the UN identifier (ie. “[email protected]”) will be authenticated against a specified target IdP (in this case, Azure AD), while others who use a UN that does not contain an @ format (ie. UID or “personaccountname”) will be directed to another IdP for authentication (in this case, Salesforce).
Recipe instructions: Multiple IdP Selector
The Multiple IdP Selector recipe follows two paths based on the type of “username” credential a specified user leverages when they attempt to log into a protected application.
Recipe sequence diagram: Multiple IdP Selector
Recipe YAML config settings: Multiple IdP Selector
Maverics Identity Orchestration works with a simple YAML config* (as shown in the figure to the right). No app rewrites or custom code is required. Download this recipe’s full config file below.
*Config may vary based on your environment.