Connect & integrate your organization directories and authenticate your users in your web-applications with SLX Connect directory services.
Directory Integration Solution
Directory Integration allows organizations to connect with their exisiting directories and authenticate users in their cloud and on-premise applications. Active Directory(AD)/LDAP Integration is the most convenient when it comes to directory services, you can easily integrate your Active Directory in the SLX connect user stores. SLX connect Identity Management Features offers easy user provisioning and deprovisioning features for external directories (Active Directory(AD), ADFS, Azure AD, OpenLDAP, Google, AWS Cognito etc.).
We can connect with any External IDP/Directory
SLX Connect provides user authentication from external directories like ADFS, Microsoft Active Directory, Azure AD, OpenLDAP, Google, AWS Cognito etc. It also provides user authentication with other IDPs like Shibboleth, PING, Okta, OneLogin, KeyCloak and many more.
SLX connect IDP
Using the SLX connect platform, the admin can add multiple Active directories and use them as a user store preventing need to manage directories in separate places
Centralized App Management
Administrators can automatically provision and administrate multiple application accounts from one centralized system
Improve security by assigning different permissions level on role based with automatic provisioning within apps
Each organization has a single domain on which shared account database solutions have to be deployed only once. This makes company-wide deployment faster.
SLX connect provides user authentication from external directories like Active Directory, LDAP, OpenDS etc. We have simple and easy directory integration solutions for both cloud and on-premise applications. This on-demand integration service allows user authentication, user provisioning, de-provisioning and reporting of usages of application. An important part of this service is SLX connect's directory integration is easy to set up. In addition to this, SLX connect supports thousands of applications and provides a SSO mechanism for the users present in the integrated directory.
Active Directory Flow
Active Directory Workflow:
1. User sends the request to access the resource from application.
2. The Application sends an authentication request to SLX connect.
3. The SLX connect forwards the authentication request to Active Directory via SLX connect Gateway.
4. Active Directory sends the response to application through SLX connect. This response contains the user’s information as well as the authentication status, based on which the user is given access to the resource.
5. Upon successful authentication, the user is given access to the resource.
Allow your users to authenticate against various LDAP implementations like Microsoft Active Directory, OpenLDAP, and other directory systems and provide a login to any of your applications using credentials stored in your LDAP Server.
Connect with your AWS Cognito User Pool and Identity pool to provide authentication, authorization and user management for your web and mobile applications.
Configure your ConnectWise CRM with SLX connect users to Single Sign On into your web and mobile applications.
Connect your existing My SQL, Microsoft SQL, Postgres SQL and other databases with SLX connect and allow your users to perform Single Sign-On without moving into SLX connect.
Authenticate with any HRM Portal or any application which support authentication via APIs.
Provide user authentication and authorization by using RADIUS which verifies user's information (like username and password) by using various authentication schemes like PAP, CHAP, MS-CHAP, MS-CHAPv2 etc. and allows the request to access the system or service.
SLX Connect Identity Server will act as an Identity Provider that connects multiple service providers with existing user stores for authentication. If you want to connect with any other third party database/directory contact us for integration.
To connect your application with Active directory, you need to perform these steps:
1. Connect your Active Directory to SLX Connect.
2. Connect SLX connect to your application using SLX Connect Broker Service.
1. How to connect an Active Directory to your application using SLX Connect ?
- Login with your SLX Connect account.
- Navigate to User Stores menu option and click on Add User Store button.
- Navigate to AD/LDAP tab and choose either of the following two options:
- STORE LDAP CONFIGURATION IN SLX Connect: Choose this option if you want to keep your configuration in SLX connect. If active directory is behind a firewall, you will need to open the firewall to allow incoming requests to your AD.
STORE LDAP CONFIGURATION ON PREMISE: Choose this option if you want to keep your configuration in your premise and only allow access to AD inside premises. You will have to download and install SLX Connect gateway in your premise.
- Now, provide the following values:
- Select Active Directory from the Directory Drop Down. On basis of your selection all the attributes related to active directory are automatically mapped in the configuration.
- Go to AD FS-> Domain-> respective Users -> Properties-> Attribute Editor. Now copy the value of distinguishedName and paste it against Bind Account DN.
- Enter the valid password for the user from above step.
- Search Base is a user search location. It means where to search for a user.
- If you want to add extra conditions on user search you can add it in Search Filter. Select a suitable Search Filter from the Drop-Down. To use custom Search Filter select "Custom Search Filter" option and provide the search filter in the input field that shows up.
- Enable sync users in SLX connect option if you want on-the-fly user creation of LDAP server users in SLX connect once they authenticate via ldap credentials successfully in the login flow while you are using SLX connect as IDP.
- Click on Save. After this, it will show you the list of User stores. Click on Test Configuration to check whether you have enter valid details. For that, it will ask for username and password.
- On Successful connection with LDAP Server, a success message is shown.
- Click on Test Attribute Mapping.
- Enter a valid Username. Then, click on Test. Mapped Attributes corresponding to the user are fetched.
|Directory Type:||Active Directory.|
|LDAP Server URL:||Select an appropriate prefiller followed by your AD server URL or IP address|
|Bind Account DN:||UserPrincipalName/distinguishedName of the account eligible for binding operation.|
|Bind Account Password:||Password for the account used for binding|
|Search Bases:||Provide distinguished name of the Search Base object Eg:cn=User,dc=domain,dc=com|
|Search Filter:||Search filters enable you to define search criteria and provide a more efficient and effective searches. Eg: "(&(objectClass=*)(cn=?))"|
2. How to connect SLX Connect to your application using SLX connect broker service.
Step 1: Configure Single Sign On Settings in SLX connect
- From SLX connect admin dashboard, navigate to Apps >> Manage Apps >> Configure Apps. Search for G-Suite in SAML section. Select G-Suite.
- Enter the SP Entity ID as google.com, ACS URL as https://www.google.com/a/<your_domain>/acs.
Select the E-Mail Address from the Name ID dropdown and you can also add additional attributes using add attribute option.
- Go to Add Policy section, select DEFAULT from the Group Name dropdown. Enter G-Suite in the Policy Name field.
Select PASSWORD from the First Factor Type dropdown and Click on Save to configure G-Suite.
Click on Metadata link to download the metadata which will be required later. Click on Link to see the IDP initiated SSO link for G-Suite.
Keep SAML Login URL value and click on Download Certificate to download the certificate which you will require in Step 2.
Step 2: Configure G-Suite Settings for SLX connect
- Login to your G-Suite domain as the Account Administrator.
Click the Security Icon.
Note:If the Security icon is not visible, click More Controls at the bottom of the panel and drag the Security icon into the Admin Console dashboard.
On the Security menu, select Set up single sign-on (SSO).
- Enter the followind details as shown:
- Check Setup SSO with third party identity provider option and click on SAVE.
|Sign-in page URL||Enter the SAML Login URL value that you got from Step 1.|
|Sign-out page URL||https://<your-subdomain>.xecurify.com/moas/idp/oidc/logout?post_logout_redirect_uri=https://gmail.com|
|Change Password URL||https://<your_domain>.xecurify.com/moas/enduserpasswordchange|
|Verification Certificate||Upload the downloaded certificate.|
Step 3: Verify your SSO Settings
- Go to your G-Suite account and enter your login credentails.
- You will be redirected to SLX connect login page. Here, enter your active directory credentials and you will be logged in into your G-Suite account.