Munich RE digital integrated SAML/OAuth SSO for external customers for authentication and automated customer management.

The client required external customer authentication via their Azure IDP before accessing the JSM customer portal. Upon successful access, customers should be automatically mapped to a JSM organization and get access to only those portals that are allowed for their organization.
Additionally, the client aimed to automate the manual processes of adding customers to organizations and mapping organizations to portals due to the extensive number of portals and organizations, which consumed significant time.

• Enforcing SSO on the JSM customer portal: Our marketplace plugin, SAML/OAuth SSO for external customers, was tailored to fulfill this need precisely. It seamlessly implemented SSO on the JSM customer portal, aligning perfectly with the customer's expectations.
• Adding customers to the organization based on domain/IDP groups: We introduced the Organization Mapping feature, empowering administrators to map domains and IDP groups to a corresponding JSM organization. This streamlined the process, requiring a one-time configuration for administrators to map organizations, after which the miniOrange plugin autonomously handled customer addition and removal within the organization.
• Granting access to portals based on JSM Organization/IDP group: We introduced the Portal Access Mapping feature, enabling administrators to link portals with JSM organizations/IDP groups. This ensured that only customers belonging to the respective organization or IDP group could access the designated portal, enhancing security and access control.

• The end user accesses the substitute link provided by the miniOrange customer portal.
• The user is redirected to the Azure login page for authentication.
• Upon successful authentication, the miniOrange service receives user details such as domain and IDP groups.
• The organization mapping service is invoked, utilizing mappings configured by the admin to add or remove the customer from the JSM organization.
• Subsequently, the portal access mapping service is invoked, granting access to specific portals based on the mapped JSM organization/IDP group for the customer.

• Streamlined User Management: With the Organization Mapping feature, administrators effortlessly linked JSM organizations with domains/IDP groups, allowing the miniOrange plugin to automate customer addition and removal for each organization. This eliminated the need for manual intervention, saving administrators valuable time.
• Efficient Access Management: Leveraging the Portal Access Mapping feature, administrators seamlessly associated JSM portals with JSM organizations/IDP groups. Consequently, the miniOrange plugin efficiently handled access granting and revocation for logged-in users, based on the established mappings. This simplified access control processes, enhancing overall management efficiency.
• Streamlined Processes: The company was able to streamline their ticket creation process and provide a better user experience to their internal customers.
• Strengthened Data Protection and Privacy: Our solution ensures that confidential information is protected, and data privacy is maintained.

For similar solutions or just to know more about what we can do in the realm of identity and access management, please contact us at info@xecurify.com or call us at +1 978 658 9387. We would be glad to assist you and find the best solution for your needs.