You can specify the identity sources that are available at login for user and
administrator work flows in Cloud Identity.
About this task
The work flows are determined by the URL paths that are used to connect to Verify. This task does not
apply to social identity providers. See Managing identity providers for the types of identity sources that you can add and manage the
sign-in options for.
Note: For federated and non-federated users, passwordless authentication,
whether FIDO2 or QR, retrieves only data that is in the Cloud Directory registry. Fine grained
attributes that are not in the federated record of user, for example the group membership of a user,
are not available with passwordless authentication. To synchronize fine grained attributes like
group membership, see
IBM Security Verify Bridge for Directory Sync.
Procedure
-
Select
The table displays the name and realm of the
identity sources that are available and whether they are displayed for the administrator or user.
- Edit the sign-in options for an identity source.
- Select the identity source, click the icon, and select Edit sign in
options.
- Select or clear the check boxes to determine whether the identity source is shown to
the user or administrator at login.
- Use the toggle to determine whether FIDO2 devices or QR codes can be used for user or
admin login.
Note: To hide a sign-in option, it must be toggled off in all the identity sources that are shown to
the users or administrators. If you do not want users to see the option to sign in with a QR code,
it must be off for users in all the identity sources that are shown. If it is set to
On in one of the sources, it is displayed as a sign-in option even though it
is set to Off in all the others. Identity sources that exist but are not
shown, do not affect the sign-in options.
- Click Save.
- Edit an identity source.
If you need to modify an identity source, you can
link directly to the identity source configuration page.
- Select the identity source, click the icon, and select Edit identity
source.
- Modify the identity source.
- Click Save.