Secret Chest can run stand-alone, using a custom email address and password or using a sign in from Apple, Facebook, GitHub, or Google.
The primary admin of an account will then have the ability to add other users, make them admins, and create a link to a federated identity provider (IdP). An identity provider (IdP) is a service that stores and verifies user identities. Think of it as a secure vault for your digital keys, containing all the information that proves who you are online. This information can include your username, password, email address, and even more detailed attributes like job title or department (Secret Chest won't be accessing that kind of account metadata, though).
The process for each IdP and each incantation of each IdP can be special. We have tried to expose the most common things necessary and explain what to configure on the IdP side for each. To get started, log into the web app at app.secretchest.io and click on the SSO entry in the sidebar. If no IdP has been configured, a Provider Config dialog will be displayed.
Notice that in the sidebar, under Provider Config, there are a number of vendors who we've tested Secret Chest with and documented the settings. If you are unsure how to configure the provider itself or the settings we display, tap on the one appropriate for your environment and follow the instructions there.
Once the settings have been configured, use the SAVE button to commit the configuration and begin the first SCIM. SCIM, which stands for System for Cross-domain Identity Management, is an open standard that lets you automate the exchange of user identity information between different IT systems or domains. Essentially, it's a bridge that helps ensure your users consistently have access to the right tools and resources, regardless of where those tools and resources are located.
SCIM uses a specific format for representing user data, like usernames, emails, and groups, which ensures smooth communication between different systems. This removes the need for custom integrations and simplifies data exchange. We have configured rules to automatically create, update, or delete user accounts in different systems when changes are made in the central user directory. This saves time and reduces manual effort for IT administrators. It also helps to enforce consistent security policies across all connected systems. This makes it easier to meet compliance requirements and prevents unauthorized access to data. By streamlining user provisioning and access management, SCIM ensures users have a seamless experience when accessing different applications and services. Maybe that's TMI - given that we do all the SCIM stuffs, but there ya' go.
Comments