Identity Cloud

Activate or deactivate a federation provider

As a super administrator, you can activate or deactivate a federation provider.

You may want to activate a federation provider if this is the first time you are setting up federation for a tenant. You may want to deactivate a federation provider if the provider is experiencing technical issues. If you deactivate all federation providers for a tenant, administrators can no longer use federation to log into the tenant.

To perform the following steps, you must be a super administrator in a tenant where federation is enabled.

You can only deactivate a federation IdP if one of the following is true:

  • Optional for All Admins is selected on the Edit Tenant Federation Enforcement page.

  • More than one federation IdP is enabled in the Identity Cloud tenant.

    1. In Identity Cloud, navigate to Tenant settings.

    2. Click Federation.

    3. Perform one of the following actions:

      • To activate a federation IdP:

        1. To the right of a deactivated federation IdP, click More (), and select Activate.

      • To deactivate a federation IdP, perform one of the following actions:

        1. To the right of a deactivated federation IdP, click More (), and select Deactivate.

Remove an administrator from a tenant

To automatically prevent administrators from logging into Identity Cloud, in your Identify provider, remove the administrators.

Copyright © 2010-2023 ForgeRock, all rights reserved.