Customer-Managed Identity Providers

How Authonomy helps manage customers bringing their own identity providers to access your application

When customers want to bring their own identity providers (IDPs) to access your application, Authonomy simplifies what is traditionally a complex, manual, and time-consuming process. Instead of lengthy back-and-forth configuration exchanges, Authonomy provides self-service tools that let customers configure their own IDPs quickly and correctly.

The Traditional Challenge

Without Authonomy, onboarding a new customer with their own IDP typically involves:

Manual Configuration Process

  1. Customer provides IDP details (domain, metadata, certificates) via email or support ticket
  2. Your team manually configures the customer’s IDP in your system
  3. Back-and-forth troubleshooting when something doesn’t work
  4. Testing coordination between your team and the customer
  5. Documentation and knowledge transfer for ongoing maintenance

Common Problems

  • ⚠️ Weeks of delays due to manual coordination
  • ⚠️ Configuration errors from manual data entry
  • ⚠️ Security risks from sharing credentials via insecure channels
  • ⚠️ Support burden for your engineering team
  • ⚠️ Poor customer experience with lengthy onboarding

How Authonomy Solves This

Authonomy transforms this complex process into a simple, self-service experience that customers can complete in minutes.

The Authonomy Approach

Customer Self-Service Experience

Step 1: Administrator Accesses IDP Configuration

When a customer administrator needs to set up their organization’s identity provider, your application redirects them to Authonomy’s configuration interface:

Configuration Flow:

  1. Administrator clicks “Set up SSO” or a similar button in your application
  2. Your application redirects them to Authonomy with a JWT that authorizes configuration for their tenant
  3. Authonomy validates the JWT and presents the connection wizard
  4. Administrator sees their organization name, your application branding, and available IDP options
  5. They select their identity provider type (Okta, Azure AD, Google, etc.) to begin guided setup
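
The tenant-scoped JWT from steps 2 and 3, shown as an added example that is not Authonomy's own code or API. It assumes an HS256 token signed with a shared secret; the claim names (`aud`, `tenant_id`, `scope`) and the values `idp-config-wizard` and `idp:configure` are hypothetical.

```python
import base64, hashlib, hmac, json

# Assumptions (not from Authonomy's documentation): HS256 with a shared secret,
# and hypothetical claim names/values for audience, tenant and scope.
EXPECTED_AUD = "idp-config-wizard"
REQUIRED_SCOPE = "idp:configure"

def b64url_encode(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def mint_config_token(secret: bytes, tenant_id: str, now: float, ttl: int = 300) -> str:
    """Application side: issue a short-lived token bound to exactly one tenant."""
    header = {"alg": "HS256", "typ": "JWT"}
    claims = {"aud": EXPECTED_AUD, "tenant_id": tenant_id,
              "scope": REQUIRED_SCOPE, "iat": int(now), "exp": int(now) + ttl}
    signing_input = ".".join(b64url_encode(json.dumps(p, separators=(",", ":")).encode())
                             for p in (header, claims))
    sig = hmac.new(secret, signing_input.encode(), hashlib.sha256).digest()
    return signing_input + "." + b64url_encode(sig)

def validate_config_token(token: str, secret: bytes, now: float) -> str:
    """Wizard side: return the tenant the token authorizes, or raise ValueError."""
    try:
        head_b64, claims_b64, sig_b64 = token.split(".")
        header = json.loads(b64url_decode(head_b64))
        sig = b64url_decode(sig_b64)
    except Exception as exc:
        raise ValueError("malformed token") from exc
    # Pin the algorithm; the token must never choose it (rejects alg=none).
    if not isinstance(header, dict) or header.get("alg") != "HS256":
        raise ValueError("unexpected algorithm")
    expected = hmac.new(secret, f"{head_b64}.{claims_b64}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(sig, expected):
        raise ValueError("bad signature")
    claims = json.loads(b64url_decode(claims_b64))  # trusted only after the MAC check
    if not isinstance(claims, dict):
        raise ValueError("malformed token")
    if claims.get("aud") != EXPECTED_AUD or claims.get("scope") != REQUIRED_SCOPE:
        raise ValueError("token not issued for IDP configuration")
    if not isinstance(claims.get("exp"), int) or now >= claims["exp"]:
        raise ValueError("token expired")
    tenant = claims.get("tenant_id")
    if not isinstance(tenant, str) or not tenant:
        raise ValueError("missing tenant")
    # The wizard must configure this tenant only, never one named in a URL parameter.
    return tenant
```
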

Step 2: Guided IDP Configuration

Authonomy provides step-by-step instructions tailored to each IDP:

For Okta Customers

  • Clear instructions on creating a SAML application in Okta
  • Pre-filled configuration values (ACS URL, Entity ID, etc.)
  • Attribute mapping guidance
  • Screenshots and tooltips for each step

For Azure AD Customers

  • Instructions for creating an Enterprise Application
  • Pre-configured SAML settings
  • Group claims configuration
  • Conditional access considerations

For Google Workspace Customers

  • SAML app setup in Google Admin Console
  • User access configuration
  • Attribute mapping for Google directory

For Generic SAML Providers

  • Standard SAML 2.0 configuration parameters
  • Metadata upload option
  • Manual configuration fields with validation

Step 3: Automated Validation

Once the customer provides their IDP details:

  • Metadata Validation: Authonomy validates SAML metadata for correctness
  • Certificate Verification: Ensures certificates are valid and not expired
  • Connectivity Testing: Tests the connection to the customer’s IDP
  • Attribute Mapping Check: Verifies required attributes are configured
  • End-to-End Testing: Simulates a complete authentication flow

Step 4: Instant Access

After successful validation:

  • Customer’s IDP is immediately active
  • Users can authenticate using their existing credentials
  • Customer receives confirmation with login instructions
  • Your team receives notification that setup is complete

What Customers Need to Provide

The self-service process only requires customers to provide standard information they already have:

Required Information

  • IDP Domain/URL: Their organization’s identity provider URL
  • Administrator Access: Ability to create applications in their IDP
  • Basic Organization Info: Company name, domain, admin contact

What Authonomy Handles Automatically

  • SAML Configuration: All technical SAML parameters
  • Certificate Exchange: Secure certificate sharing and validation
  • Attribute Mapping: Standard attribute mappings with customization options
  • Error Detection: Identifying and guiding through common configuration issues
  • Testing: Comprehensive validation of the entire setup

Integration Options

Depending on your existing architecture, Authonomy can integrate in different ways:

Option 1: Authonomy as Your IDP

  • Your application trusts Authonomy as the identity provider
  • Authonomy handles all customer IDP complexity
  • You receive standardized user information regardless of customer’s IDP
  • Best for: New applications or those wanting to outsource IDP complexity

Option 2: Federation with Your Existing IDP

  • Your existing IDP (e.g., your company’s Okta) federates with customer IDPs
  • Authonomy orchestrates the federation setup
  • Your application continues using your existing IDP integration
  • Best for: Applications already integrated with a primary IDP

Benefits for Your Organization

Reduced Support Burden

  • 90% reduction in IDP onboarding support tickets
  • No manual configuration required from your team
  • Automated error detection prevents common issues
  • Self-service troubleshooting guides for customers

Faster Customer Onboarding

  • Minutes instead of weeks for IDP setup
  • Instant activation after successful configuration
  • No coordination meetings required
  • Parallel onboarding of multiple customers

Improved Security

  • No credential sharing via email or chat
  • Automated certificate validation prevents expired certs
  • Secure metadata exchange through encrypted channels
  • Configuration audit trail for compliance

Better Customer Experience

  • Professional setup process that reflects well on your brand
  • Clear instructions with visual guidance
  • Immediate feedback on configuration issues
  • Self-service control over their identity integration

Benefits for Your Customers

Familiar Process

  • Uses their existing identity provider
  • No new user accounts or passwords required
  • Leverages their current security policies
  • Maintains their compliance posture

Quick Setup

  • Complete IDP configuration in under 10 minutes
  • No waiting for your support team
  • Immediate access after setup
  • Self-service troubleshooting

Maintained Control

  • Full control over user access through their IDP
  • Can disable/enable users as needed
  • Maintains their group and role structures
  • No vendor lock-in with standard protocols

Common Customer IDP Scenarios

Enterprise Okta Deployment

  • Customer has existing Okta instance for employee access
  • Wants to extend SSO to your application
  • Authonomy guides through SAML app creation in Okta
  • Configures user provisioning and group mappings

Microsoft 365 / Azure AD

  • Customer uses Microsoft 365 for business operations
  • Azure AD is their primary identity source
  • Authonomy configures the Enterprise Application
  • Sets up conditional access policies if needed

Google Workspace

  • Customer uses Google Workspace (formerly G Suite)
  • Wants to use Google identity for your app
  • Authonomy guides through SAML app setup
  • Configures user access and organizational units

Multi-IDP Scenarios

  • Large customers with multiple identity sources
  • Subsidiaries with different IDPs
  • Partner access through different providers
  • Authonomy handles complex routing scenarios

Monitoring and Maintenance

Health Monitoring

Authonomy continuously monitors customer IDP integrations:

  • Connection health checks to detect outages
  • Certificate expiration monitoring with automated renewal
  • Authentication success rate tracking
  • Error pattern detection and alerting

Automated Maintenance

  • Certificate renewal handled automatically
  • Metadata updates when customer changes configuration
  • Security updates applied without customer intervention
  • Performance optimization based on usage patterns

Customer Visibility

Customers get dashboards showing:

  • Authentication activity for their users
  • Health status of their IDP integration
  • Usage analytics and trends
  • Configuration change history

Next Steps

Ready to eliminate the pain of customer IDP onboarding? Authonomy turns weeks of manual work into minutes of self-service configuration, giving you happier customers and a more scalable business.