Configuring Delegated Authentication

In delegated authentication, Jive delegates authentication to your user identity provider.

Note: For information on building delegated authentication support for your user identity provider, see Jive Delegated Authentication in the Jive Community.

Fastpath: Admin Console: People > Settings > Delegated Authentication Settings

Use the following high-level steps to understand the configuration process. The sections below provide more information on the settings themselves.

Select the Enable Delegated Authentication check box to reveal other configuration options.
Under Services, select the services for which you want authentication delegated.
Under Options, select optional features to go along with authentication.
Under Service Location, enter the URL at which your authentication web service can be found.
Test communication from the application to your web service.
1. Enter a user name and password that will provide access to the web service.
2. Enter the IP address for this community.
3. Click Perform Test.

Services

This section lists services provided by the application, and which can require authentication for access. In other words, each of these represents a point of access for users. Select the services whose authentication requests should be delegated to the authentication provider you're describing in configuration here.

Web interface -- The application's browser-based user interface. This is what your users will likely use most often.
Mobile integration -- Access via a mobile device, such as the iPhone. Note that this option has been deprecated as of Jive v5.0. To enable delegated authentication for the Mobile plugin, select the Web interface option.
Web services -- Access via SOAP- or REST-based web services.
RSS feeds -- Access via RSS/Atom calls, such as from a feed aggregator.

Options

These are optional actions you can have the delegated authentication feature perform.

Auto-create users -- Select this to have the application create internal user accounts for users it authenticates with your identity provider, but who aren't represented in the application's database yet.
Synchronize profile fields -- Select this to synchronize user profiles between the application's profile data and profile data stored by your identity provider.

Service Location

The service address is the location at which to find your authentication web service.

Username -- A user name known to the user identity provider.
Password -- The password for the username provided.
Source IP -- An optional field if your authentication web service will evaluate the IP address of the incoming request. For example, you might use this if you anticipate allowing access from only one IP address and you want to test that functionality here.