This blog is part of a series which is related to setting up Cloud Identity to authenticate Cloud Portal in different scenarios.
|Setting up Authentication for Cloud Portal using Cloud Identity|
In the previous blog, we had a look at how to setup the authentication of an external vendor in the Cloud Portal using SCI. Quite often you will have a requirement where external vendors do not want to use the user ID which you provide rather they would be more than happy to login into HCP via Facebook or other social media sites. SCI currently support authentication using Social Media like Google, LinkedIn, Facebook and Twitter. In this blog, I am going to demonstrate how we can leverage Social Media login to authenticate users to the Cloud Portal.
Configure Social Identity Providers
Login to SCI as an Administrator and access the tile “Social Identity Providers”
Configure the provided social providers. In the below screen, I have already configured all the four social providers. You need to register as a developer with these social providers to obtain the required parameters.
For example, if you are looking to use LinkedIn, then you will need to provide the details like Client ID and Client Secret in the detail page.
Register an application with the Social Identity provider
To obtain these values, login to the developer account of LinkedIn and create a new application
Provide values for your new Application and submit the form.
Once you create your application, you will be provided with the Client ID and Client Secret as shown below. These values need to used in SCI when configuring the Social Identity Providers.
Similarly, you can repeat the same for Facebook. Facebook will require Application ID and Application secret. Logon to https://developers.facebook.com/ and create an application. It will give you the Application ID and Application Secret.
Configure application in Cloud Identity
Once you have finished setting up your Social Identity Providers, navigate to the Applications tile in the SCI Home page. We need to enable our Application (in this case, it is our HCP account which is registered as a Service Provider) to use Social Sign-On as shown below.
Now, we are ready to test our Portal Site. Clear the browser cache and directly access the Cloud Portal site (created in the earlier step). You will be challenged with the same SCI Login screen. This time, do not login with your SCI User. Click on the LinkedIn Icon at the bottom of the login screen.
Sign-in with your LinkedIn personal login credentials and click on “Allow Access”
You will be presented with another screen which states that you have been authenticated by LinkedIn. You will now have to link your SCI User ID with the LinkedIn account.
The system will now link your personal LinkedIn account with the SCI User ID. This is a one-off process. You will be provided with a success message.
Click on Continue button and access the Cloud Portal site as an external vendor.
The next time the same user tries to login, it will only ask for their LinkedIn credentials and will not require the user to provide their SCI credentials (as the account linkage has already been established).
In the next blog, we shall see how to setup and use Self registration forms which can be used by external vendors to register themselves and access the Cloud Portal.