Managing Identity Provider Connections
Using a SAML 2.0 identity provider (IdP) allows administrators to consolidate identity information outside of individual applications. Certificates establish trust between SOTI MobiControl and the IdP, so that SOTI MobiControl can rely on signed security assertions from the IdP to grant users access to SOTI MobiControl resources. Once this is configured, instead of authenticating at the SOTI MobiControl login page, users are redirected to their IdP to authenticate or, if they have already done so, are redirected back to the SOTI MobiControl console for a single sign-on experience. You can also use an IdP for other SOTI MobiControl endpoints such as the Self Service Portal or the iOS Profile Catalog.
SOTI MobiControl supports IdPs that use SAML 2.0 for authentication. Authorization can come directly from the IdP, if configured, or from a secondary lookup via LDAP. To enroll Android or Apple devices using an IdP, the connection must be an IdP with LDAP.