Providers List

Hardik Chheda Updated by Hardik Chheda

Tellius supports multiple identity providers (IdP) to seamlessly integrate with different deployments. It also comes without a box identity providers for the organizations that do not use any identity providers.

Tellius supports multiple providers for authenticating users. These providers are in addition to default username and password settings from the Settings menu.

This section of the document describes different identity providers Tellius supports.

Based on the provider that you select for authentication, you must specify the configuration settings.

Default

The Default identity provider is an IdP shipped with Tellius itself. This is a username and password-based authentication. Superusers will be responsible for creating different users and assigning different roles for them.

These users will be tracked and updated within the Tellius application itself. This IdP is ideal for organizations that do not use any third-party IdP systems or the ones that want to keep the users of the Tellius application separate from their organization users.

LDAP

If the organization uses LDAP to keep track of users, the Tellius application can connect to it. In this mode, Tellius will use LDAP as its IdP. All the users from LDAP are auto imported and will be kept up to LDAP. In this case, there is no need for a separate user creation step. 

SAML

Tellius supports SAML IdP systems. When Tellius is set up with organization SAML, all users will be authenticated using the SAML system and all the users will be auto imported on the first login. Steps to configure SAML.

Azure AD

Tellius supports the Azure AD IdP system. When Tellius is set up with Azure AD, all users will be authenticated using the SAML system and all the users will be auto imported on the first login. 

Security is of utmost importance, especially when it comes to embedded applications. Only authenticated users should be able to access the embedded content.

At the same time, authenticated users should only be shown data and content that they are authorized to view.

We support all modern SAML 2.0 IDP mechanisms, as well as custom SSO and Tokens-based authentication/authorization methods.

As mentioned in the previous sections, Security (Authentication & Authorization) will be based on the global settings setup for the Tellius Platform.

  • So, if SSO has been set up, the users will be automatically logged into Tellius and can see embedded content within the third-party application.
  • Data sent to the embedded application will respect the data policies such as row-level security (if it has been set up in Tellius).

Single Sign-On support through OpenID

Single sign-on(SSO) is supported through OpenID Connect(OIDC). OpenID Connect (OIDC) is an authentication protocol commonly used in consumer-facing SSO implementations. The OIDC protocol handles authentication through JSON Web Tokens and a central identity provider.

To change the default settings of Authentication:

  1. Go to Profile -> Settings -> Authentication.
  2. Click OIDC in Authenticate via and input the valid details for OIDC and click SAVE.

How did we do?

SSO

Contact