External authentication available in hybrid mode (Identify Federation - Microsoft Entra ID / Username and password)

SHOW ALL CONTENT

Table of contents

Introduction

External authentication available in hybrid mode (Identify Federation - Microsoft Entra ID / Username and password)


This hybrid mode allows certain “external” users who are not present in the Identify Federation - Microsoft Entra ID to authenticate on the Web portal with a username and password
 

Prerequisites

The web portal must be configured with SSO authentication mode to offer hybrid login.

For more information on the Identify Federation - Microsoft Entra ID, see the article here

 

Hybride mode operation

This hybrid mode allows certain “external” users who are not present in the Identify Federation - Microsoft Entra ID to authenticate on the Web portal with a username and password


 

Once this option has been activated, a new “External” checkbox will be visible in the Octopus client user file (Windows version).

Only users identified as “External” will be able to authenticate to the web portal with a username and password, even if SSO authentication is configured for other users.

 



 

Octopus configuration 

Une fois Once hybrid mode has been activated, in order to authenticate to your Web portal with a User Name / Password, you will need to :  


1. Identify which user(s) can connect in this mode by checking the “External”.

* Only an Octopus administrator can modify the “External” option of a user's, you must have the permission: General - Administer Octopus.


2. Distribute the “special” Web portal URL to the users concerned. This link will be sent to you after activation by our ServiceDesk.

Using this link, people identified as external will be able to log in to the web portal with username and password.  


3. Enter username/password for an external user 
    If the password has not been set or has been forgotten, the user can reset it via the web portal.

* To test, you can open a browser in private mode.
 

 

NOTE : 

To benefit from this feature, please send your configuration change request to the Octopus ServiceDesk, a DAZZM solution. 

The This request must be forwarded by the main Octopus administrator contact with permissions for all your teams, as this feature will affect ALL teams.


Option name : Claims.IsExternalLoginAllowed

 

Other complementary option

If required, hybrid mode can be combined with the “Register for service” feature.
When the “Register for the service” option is activated and it is possible to create a new user, this will automatically be considered an “External” user.
 

La fonctionnalité « M’inscrire au service » n’est pas un prérequis à l’activation de l’authentification du portail Web en mode hybride.

If the “Register for the service” option is not active, the “External” field in the user's file will have to be managed manually by an Octopus administrator. This configuration is recommended when the customer needs to manage a limited number of “External” users, such as select collaborators or suppliers.

 

X
Help us improve our articles