This blog is part of a series which is related to setting up Cloud Identity to authenticate Cloud Portal in different scenarios.
|Setting up Authentication for Cloud Portal using Cloud Identity|
In the previous blog, we had a look at how to setup the authentication of an external vendor in the Cloud Portal using social identity providers configured in SCI. In this blog, I am going to cover a scenario where the vendors are not setup as users in SCI. Lots of people join and leave a vendor organization. In some scanrios, it might be easy to provide a Self User registration form to capture the new user.
Configure Registration form in Cloud Identity
Let us repeat the same process, but with a different vendor called Raj Kumar. Raj has recently joined a vendor organization and hence is not yet registered in SCI. To enable Raj to access the Cloud Portal site, we need to first enable self-registration form. This will enable users to register into SCI using an online Form. These forms are highly customizable and can capture the relevant information from the user registering for access.
Login to SCI as an administrator and select the HCP Account which has been registered as an application. Navigate to the “Authentication and Access” tab click on “User Application Access”.
Change the setting to “Public”. If a user is not in SCI, the registration form will be presented to the user.
Navigate to “Branding and Layout” tab and click on “Registration Form”.
Notice that there are lots of fields available to customize the registration form. First name is optional and Second name/Email are mandatory fields by default. You can change the values to see how the Form UI adapts accordingly.
Now, I am going to access the Cloud Portal site as Raj (who is a brand new external vendor). The system will challenge with a login screen from SCI. I can use LinkedIn to authenticate myself.
Once the system authenticates my LinkedIn account, it takes me to the below screen. As I don’t have account in SCI, I will click on “Create New Linked Account”.
This will direct me to a registration form which has been configured by the SCI admin. It will default the details based on the user profile information maintained in LinkedIn. I can now provide a password and click on Register button.
I will be provided with a message to activate my new account in SCI.
I will login as Raj to the email account provided during registration and activate the account.
This completes the registration process. There will be success message stating that the SCI user has been created and has also been linked
As an SCI administrator, I can now check if this new user has been created in SCI
Finally, I can login into the Cloud Portal as Raj and access the business applications.
In the next blog, we shall see how to setup and assign user roles in the Cloud Portal