Identity Cloud

Set federation login requirements

After adding administrators, you need to configure how the administrators sign in to the federation-enabled tenant.

To perform the following steps, you must be a super administrator in a tenant where federation is enabled.

  1. To apply federation to Identity Cloud administrators, in Tenant settings, click the Federation tab.

  2. In the Enforcement section, click Edit.

  3. On the Edit Tenant Federation Enforcement page, select one of the following items:

    • Optional for All Admins: Allow all administrators to use either their ForgeRock credentials or federation to sign in.

    • Required for All Admins Except Super Admins: Require all administrators who are not super administrators to use federation to sign in. Super admins can use their ForgeRock credentials or federation to sign in.

    • Required for All Admins: all admins to use federation to sign in. If you choose this option, to switch to a lower enforcement level, you must log a support ticket.

  4. Click Update. It may take about ten minutes for the changes to take effect.

  5. On the Change Federation Enforcement? modal:

    • To confirm your changes, click Confirm.

    • To cancel your changes, click Cancel.

Next step

Copyright © 2010-2023 ForgeRock, all rights reserved.