5.1 Understanding Social Media Identity Sources in CloudAccess

CloudAccess allows you to configure multiple social media identity sources that customers can use to authenticate to your business’ website. These identity sources are identified by an “SSO” designation in the Identity Sources palette on the Admin page of the administration console. CloudAccess creates a SAML assertion using attributes obtained from the identity sources to allow SAML authentications into the resources associated with your website. Customers can log in to CloudAccess using existing social media accounts such as Facebook or LinkedIn and obtain access to specific resources, such as a rewards program, without having to create a new account.

You must configure the identity source and the connector for the identity source for the authentication process to work. In addition, you must map identity source roles (groups) to application authorizations to grant user access to those applications. Policy mapping is an essential step to provide user access. For more information, see Section 12.0, Mapping Authorizations.

Once you have configured the appropriate social identity sources and SAML applications (including appmarks), and mapped identity source roles to application authorizations, users who log in to CloudAccess see the appmarks on the landing page for the applications they are entitled to use.

IMPORTANT:Social media account access is intended to be used only for lightly secured resources, but does not guarantee that identities will be audited and corrected like a corporate directory.