Service Providers and Identity Providers

When products use UAA, there is a distinction between two types of providers:

• Service Provider (SP) is the server that receives the assertion.
• Identity Provider (IDP) is the server that receives the authentication request, authenticates the user and sends the assertion to the SP.

Out of the box, Proficy UAA is configured to be an IDP. This means that you can create users and groups directly in Proficy UAA, and Proficy UAA will authenticate those users.

In addition, Proficy UAA can be configured to integrate with other Identity Providers, including LDAP Providers and SAML Providers. In these cases, Proficy UAA uses chained authentication – It will first attempt to authenticate a user against the UAA user store before it attempts authentication through the LDAP or SAML provider.

IDP integration can be configured in the Connectivity section of the UAA Configuration Tool.