Provisioning overview

All Multi-Tenant Cloud customers receive entitlement for SaaS user provisioning through a System for Cross Identity Management (SCIM) using Infor OS. During provisioning, the customer-owned identity provider is installed or configured by the customer or a third-party provider. The third-party application used for SCIM may be the identity provider, because many identity providers (Okta, Azure, and so on) are SCIM compliant. If SCIM is not yet configured, an export or import (.csv or XML) can be performed to transfer users from Identity Store (customer owned) to Infor OS (Cloud MT). After initial users are loaded, complete user maintenance in the main application by using the Security User Master (SUM) BOD or by entering information manually.

Note: The authentication process between identity providers requires the user to have access to both identity providers.

Federated authentication enables you to connect the applications across networks. With federated authentication, you can authenticate into any third-party application with your organization credentials. Infor OS integrates with any third-party identity provider using the SAML protocol or OpenID Connect to provide the Single Sign On (SSO) experience. This document describes the process of integration between the third-party identity provider and Infor OS.

Note: Based on the requirements and the existing configuration of a customer’s identity provider, the instructions provided in this document may vary based on the assumptions in each of the sections relating to federation.

Configuration must be completed through the Infor Federated Services (IFS) user interface. Infor OS provides the platform for administrators to configure. When following the instructions, customers can access Infor OS multi-tenant application by using their organization credentials.

Customer configurations vary. This document is intended for best practices. The prerequisite knowledge required is an understanding of Single Sign On (SSO), IDP knowledge, and steps for customer setup.

Caution: 
The Federated Identity configurations must be validated after creation. If not, there is a risk of unauthorized users gaining access to the system if the configurations are not done properly.

Contact your Customer Success Manager or open an Infor Support Incident for these purposes:

  • If assistance is required, there is an Infor team that can be engaged.
  • If there are other use cases not documented for the IDPs defined.
  • If customer configuration is complex and help is needed.