Falcon supports a wide range of authentication methods to keep your social media content safe and secure. In addition to email/password, two-factor authentication (2FA), single sign-on (SSO) through Google, Facebook, Twitter, and LinkedIn, we allow our customers to use their own Identity Provider (IdP) to authenticate their users.
What are the external providers that we support?
- Security Assertion Markup Language (SAML) is an XML-based standard that can perform single sign-on (SSO) exchanges. SAML SSO gives your organization a centralized and secure way of controlling user access to the Falcon platform.
- OpenId Connect
- OpenID Connect is an interoperable authentication protocol based on the OAuth 2.0 family of specifications. It uses straightforward REST/JSON message flows. OpenID Connect lets developers authenticate their users across websites and apps without having to own and manage password files.
How does it work?
- Credentials are exchanged and setup is done both on the customer and Falcon.io sides with the help of each company's IT/R&D departments.
- Once the set up is complete, Falcon.io will generate a customer-specific URL.
- The users must log in using the generated URL.
- The login flow now uses the customer's own IdP to authenticate their users.
How to set up your identity provider
Contact your Falcon Customer Success Manager (CSM) requesting access and providing the following information:
- Name ID
- The common key describing a unique user identity
- Email address(es) for your user(s)
- Claims rules
- Mapping attributes; Authorization rules, etc.
- EndPoints URL
- Certificate SSL (if needed)
The exact details will vary from one IdP solution to another, thus you should obtain the above information from your organization's IT department.
Next, your CSM will forward your information to our R&D department, who will complete the setup and provide you with your own login URL.
Choose your own authentication method
Falcon.io lets customers decide which of the above-mentioned authentication methods should be available for their organization's users. Please reach out to your CSM and let the know which authentication method you prefer.
It is possible to disable all authentication methods except the one provided by the customer's IdP.
For more information on authentication methods, please read the following FAQ article.