Authenticate your users against an external system, such as a web service or enterprise identity provider. When external auth is configured, user passwords are never stored on our platform.


Note: Azure AD is being renamed to Microsoft Entra ID.


When logged into the web portal, navigate to Organization&Users > Organization Setup > Integrations > External User Authentication And Provisioning, and the following options will be available:

  • REST
  • Okta
  • Azure Active Directory (Entra ID)
  • Ping Identity


Okta, Azure AD (Entra ID) and Ping Identity require Enterprise ToolKit.

REST

When a user logs in on our website or apps, our system will receive the login request and ensure the user's email is registered on our platform.


Assuming the user email is found, our system will then transparently 'pass through' the login credentials to this external web service URL for authentication.


The external service MUST return a 200 HTTP status code to be considered authenticated by our platform; any other response will be deemed a login failure.


 

Using Connection

This allows you to select a REST connection. If the third-party endpoints are using oAuth 2.0, this is required as the Authentication and Access Token are retrieved in the REST Connections.

Run Connector onSet up the connector to run when a particular status has been changed, the owner has changed, or it is overdue. If Status has changed, it allows you to configure at a specific status or all status. If Overdue was selected, you need to specify the number of days that connector will run after the overdue date.
Destination  URL

When a user logs in on our website or apps, our system receives the login request and ensures the user's email is registered on our platform.


Assuming the user email is found, our system will transparently 'pass through' the login credentials to this external web service URL for authentication.

The external service MUST return a 200 HTTP status code to be considered authenticated by our platform; any other response will be deemed a login failure.


The following placeholders can be used to inject the user's identifier, login, organization ID and device operating system, name and IP address into the URL, headers, and body:

{{USERID}}

{{USEREMAIL}}

{{USERPASSWORD}}

{{USEREXTERNALID}}

{{ORGID}}

{{DEVICEOS}}

{{DEVICENAME}}

{{DEVICEIP}}

HTTP ActionSelect the request action (POST, PUT, GET) and Data As (JSON, URL Encoded, XML).
Data As

specify the format of the Rest API.            

  • JSON - JavaScript Object Notation format
  • XML - eXtensible Markup Language format
Use Global Task Rest URL Will direct all task connector requests to the REST endpoint defined in Organization Setup -> Global Task REST URL
Disable default query string parameters (checkbox)

By default, specific query string parameters are appended to the URL which can be used to determine the context of the origin of a request. Un-tick this checkbox if you do not require this information to be sent.


Please note that if you are connecting with Platform Sync, this checkbox should remain un-ticked.

Anonymize Personal DataWhen enabled, all fields marked as Personal Data will be converted into a nonhuman-readable format to aid with privacy.