How-tos

Controling Login Flow

Explore how you can make your Login with Cloudentity easier and quicker. Check the features that Cloudentity offers for a smooth and user-friendly access to Cloudentity portals.

Login to Cloudentity in a Nutshell

On top of standard login flows and features, such as the credentials prompt or the keep-me-signed-in checkbox, Cloudentity offers a few intelligent login solutions that can simplify your work and improve your efficiency. Cloudentity learns your login patters and, based on those, enhances your login page with additional shortcuts and features. You get an easy and quick access to your favorite workspaces, most-frequently-used IDP, and more, all directly from the login page.

Prerequisites

You have an Cloudentity administrator’s account.

External IDP Login

Cloudentity login page enables you to log in with IDPs active for a particular workspace or developers portal. They are displayed only if you have at least one external IDP connected and activated for a workspace or a developer portal.

To use an IDP hint in your login page, you need to enable the IDP in the Identities page in your workspace. To learn how to configure your IDP hints and check if this setup works, see the video or steps 1-3.

IDP-hints Video Guide

Remember the IDP

Cloudentity login page allows you to select an IDP that would be used for logging in with by default. With the Remember my Identity Provider toggle switch available at the bottom of the login page, you can pick an IDP to log in with next time. To make an IDP default for future logins, select the Remember my Identity Provider toggle and log in with the desired IDP.

You can give up your remembered IDP at any time and pick any other IDP from among your active identities by selecting Select a different account in the login page.

Step-by-step

  1. From the workspace/portal sidebar, select Identity Data > Identity Providers.

  2. From the Identities list, select Active toggles for all the IDPs that you want to enable.

  3. Try to log in to a demo application within the configured workspace. You should now have the option to log in with the configured IDP

IDP Discovery

IDP discovery is one of the Cloudentity’s features aimed at improving the user experience for the login process. It allows to configure a set of email domains for an IDP. Based on that list, the user is suggested and optionally redirected to an appropiate authentication endpoint.

[mermaid-begin]
graph LR A(User enters their email) B(Cloudentity discovers email domain for CIP) C(Cloudentity redirects the user to Cloud Identity Plane) A-- "johndoe@cloudentity.com" -->B B-->C

A lack of email domain assigned to a specific IDP means that the IDP is available for every user trying to log in to the application. It means that this IDP appears every time for suggested IDPs.

It is possible to configure a given email domain only for one identity provider. If a user tries to add a domain that is already defined for a different IDP, a conflict message is displayed with information for which IDP the given domain is already defined.

Static IDPs

For static (sandbox) IDPs it is impossible to enable instant redirect. Additionally, for the IDP discovery to work, the username must contain an email domain.

Enable IDP Discovery

To enable IDP discovery for your IDPs:

  1. Go to Admin Portal > Identities.

  2. Select either Standard Sign in (that allows the users to sign in with any active IDP connections) or Identity Provider (IDP) Discovery.

  3. To enable IDP discovery for a given IDP, go to its settings and select

Configure Domains

Once IDP discovery is enabled, you can configure a set of domains for a given IDP connection.

Provide a set of email domains in your IDP settings Admin Panel > Identities > Your IDP > Configuration

IDP discovery config

Example

You can see that the IDP from the screenshot has two email domains added: example.com and cloudentity.com.

Instant redirect is enabled. Once the user tries to log in using either of the domains, they are instantly redirected to the log in page of this page.

Updated: Jul 11, 2022