Articles in this section

See more

Limeade ONE Authentication Provider Guide

Avatar
Ronald Gilbertson
  • Updated
Follow

Limeade ONE Authentication Provider Guide

Overview

Limeade ONE offers a third-party authentication provider Integration mode that allows companies to use their existing security infrastructure to authenticate users for mobile consumption. Using this mode, a lot of administrative work can be avoided in comparison to using the Limeade ONE authentication. Users can be provisioned in the platform based on their corporate credentials and there is no need to configure users via the user management portal.

Currently Supported Platforms

Limeade ONE already supports many third-party authentication providers. Below are the currently supported platforms:

  1. ADFS
  2. Azure AD
  3. Ping
  4. Centrify
  5. F5

Supported Protocols

Limeade ONE is built to handle many other authentication providers by having the technology to handle the following protocols:

  1. WS-FED
  2. SAML 2.0
  3. Open ID Connect

To have Limeade ONE support a platform that is not on the currently supported platform list, engage with the customer success manager or account manager given; they are always interested in supporting new providers.

Connecting to Limeade ONE

See the following to understand the process for connecting a supported authentication provider to Limeade ONE.

Setting up Claims

The first step to configuring an authentication provider is to set up the claims that Limeade ONE requires to identify users.

Below is the list of required claims that Limeade ONE requires.

Supported Claims

Claim

Description

http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn

or

upn

or

userprincipalname

or

Sub

or

http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier

or

name

This is the claim that handle user id. It is required to be unique.

We check all claims in the order specified. If none of these claims are found the user will not be granted access.

 

**“sub” is used for Azure AD configuration

http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress

or

email

or

emailaddress

or

email-address

This claim is used to add a user email address to their user record. The email address can be used for notifications within the Limeade ONE platform. If this claim is not provided we will use the UPN claim for user email which is typically an email address

http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname

or

First name

or

given_name

or

givenname

 

This claim is used to add the user First name to the user record.

http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname

or

Last name

or

lastname

or

family_name

or

surname

This claim is used to add the user Last Name to the user record.

 

Exchange of Metadata URLs

The next step is to provide Limeade ONE with a metadata URL. Once Limeade configures the metadata URL in the system, Limeade will provide the user with a custom metadata URL to add to an organizations configuration. The provided metadata file contains all required information needed to work seamlessly with Limeade ONE.

 

Was this article helpful?
1 out of 1 found this helpful
Return to top

Related articles

Comments

0 comments

Article is closed for comments.