Search

Security & User Management

Best Practices

When configuring the Authentication and Authorization user management Infor recommends the following best practices: There are Important Technical and Deployment constraints and considerations to each deployment.

Customer System Of Record Diagram
  • Federations for authentication must either support SAML 2.0 or OpenlD connect
  • OpenlD connect federations requires customers identity provider to be externally accessible
  • Maximum of 5 customer identity providers can be federated to a single lnfor CloudSuite tenant if multiple authentication sources are required
  • lnfor supports ldP and SP initiated SSO and SLO
  • All lnfor CloudSuite customers are entitled to a standalone SaaS InforOS for user provisioning on-premise application to be leveraged as the SCIM agent if required
  • If SCIM is not initially available user provisioning can be handled manually or by file import or by enabling JIT on federated connections
  • Custom SCIM mappings maybe required based on enterprise application user attribute requirements
  • MFA requirements for users authenticating via federated connections are customer identity provider configurations
  • lnfor cloud identity accounts can be leveraged for guest users that do not exist within customers systems
  • MFA can be enabled and enforced for lnfor cloud identity accounts
Infor System Of Record Diagram
  • Federations for authentication must either support SAML 2.0 or OpenlD connect
  • OpenlD connect federations requires customers identity provider to be externally accessible
  • Maximum of 5 customer identity providers can be federated to a single lnfor CloudSuite tenant if multiple authentication sources are required
  • lnfor supports ldP and SP initiated SSO and SLO
  • Attribute mappings will be required based on enterprise application user attribute requirements.
  • If HR API is not available a flat file can be dropped into a secure FTP location to be processed by the HR application
  • HR API requires swagger API documentation
  • MFA requirements for users authenticating via federated connections are customer identity provider configurations
  • lnfor cloud identity accounts can be leveraged for guest users that do not exist within customers systems
  • MFA can be enabled and enforced for lnfor cloud identity accounts

These best practices offer essential guidance to enhance your processes. For a personalized and thorough implementation tailored to your needs, reach out to Infor Professional Services. Their expertise ensures optimal results for your unique challenges.