External Authentication User Groups

An 'external group' is a User Group that is managed outside of the Infiniti Environment, typically by Active Directory, LDAP and SAML identity management systems. Like Internal groups it is possible for Infiniti User Administrators to create them from Mange however subscription (or removal) to the group cannot happen in Infiniti, control of that is up the identity management system to which Infiniti relies upon.

📘

Installation and Configuration of Authenticaiton Extensions

Environments where user management is managed by an external Identity Provider need external group(s) configured before the provider is configured so that when the first user (usually a server administrator) attempts to access Infiniti they will have appropriate access to make further changes.

For new installations it is recommend that a test group be identified that has full Global Administrator to Infiniti be identified to test connectivity before making more specific selections.

How to Create an External Group

Identify an existing or create a new group in your Identity management System, in the examples that follow the group name 'IxSupport' will be used. Note the name must be an exact match.

Login to Infiniti Manage (for new installations this will be via forms authenticated, usually the admin/admin account).

Navigate to Groups and click 'New Group'

Enter an Group name identified above.

Check External Group box

Check any appropriate Infiniti roles for the group. Members of this group will automatically receive these roles.