About third-party authentication
Third-party authentication uses a trusted, external identity provider to validate user credentials before granting access to one or more IT systems. The authentication process returns identifying information, such as a username, that is used to authorize or deny the requested access.
What is an identity provider?
An identity provider is a trusted external system that manages user accounts. It authenticates users and provides identity information over a distributed network to applications that depend on it.
Benefits of using an identity provider
Using an identity provider has the following benefits:
- Advanced authentication requirements, such as using smartcards or Multi-Factor Authentication (MFA), can be imposed to increase confidence that a user is who they say they are.
- User deactivation is aligned with the customers' own internal policies, for example, when an employee leaves the company or is on an extended leave of absence.
- The authentication process (verifying identity) is separated from the authorization process (granting access rights).
- Using single sign-on (SSO), one user authentication can grant access to multiple IT systems or even organizations.
Note: Security Center SaaS only uses an external identity provider for user authentication. Authorization is handled internally.
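The split described above, with authentication at the identity provider and authorization inside the application, as an added example (not Genetec code). It assumes an OIDC ID token signed with HS256; the issuer, client ID, secret, subject and privilege names are constructed, `make_demo_token` is a hypothetical stand-in for the identity provider, and nonce and RS256/JWKS handling are left out.

```python
import base64, hashlib, hmac, json, time

# Constructed values: issuer, client ID, HS256 secret and the local table.
ISSUER = "https://idp.example.com"
CLIENT_ID = "example-client-id"
SECRET = b"constructed-demo-secret"
# Authorization data lives in the application, not at the identity provider.
LOCAL_PRIVILEGES = {"alice": {"view_video"}}

def _enc(raw):
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def _dec(part):
    return base64.urlsafe_b64decode(part + "=" * (-len(part) % 4))

def _sign(signing_input):
    return hmac.new(SECRET, signing_input.encode(), hashlib.sha256).digest()

def make_demo_token(claims):
    """Stand-in for the identity provider: issue an HS256-signed ID token."""
    head = _enc(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    body = _enc(json.dumps(claims).encode())
    return f"{head}.{body}.{_enc(_sign(head + '.' + body))}"

def authenticate(token, now=None):
    """Authentication: return the token's subject, or None if it is rejected."""
    now = time.time() if now is None else now
    try:
        head, body, sig = token.split(".")
        header, claims, given = json.loads(_dec(head)), json.loads(_dec(body)), _dec(sig)
    except ValueError:
        return None
    if not isinstance(header, dict) or not isinstance(claims, dict):
        return None
    if header.get("alg") != "HS256":  # pin the algorithm, never follow the header
        return None
    if not hmac.compare_digest(given, _sign(head + "." + body)):
        return None
    aud, exp = claims.get("aud"), claims.get("exp")
    aud_ok = aud == CLIENT_ID or (isinstance(aud, list) and CLIENT_ID in aud)
    exp_ok = isinstance(exp, (int, float)) and exp > now
    if claims.get("iss") != ISSUER or not aud_ok or not exp_ok:
        return None
    sub = claims.get("sub")
    return sub if isinstance(sub, str) else None

def authorize(username, privilege):
    """Authorization: local lookup only; role claims in the token are ignored."""
    return privilege in LOCAL_PRIVILEGES.get(username, set())
```

A token carrying `"roles": ["admin"]` still yields only the privileges listed locally for that subject, and a user who authenticates successfully but has no local entry is granted nothing.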
What third-party authentication methods does Security Center SaaS support?
Security Center SaaS supports the following third-party authentication methods:
- Microsoft Entra ID
- OpenID Connect (OIDC)
Single sign-on (SSO)
Single sign-on (SSO) is the use of a single user authentication for multiple IT systems or even organizations. Organizations can integrate their corporate identity provider with Security Center SaaS to simplify the sign-in and authentication process. Single sign-on is supported with Microsoft Entra ID and any other OpenID Connect (OIDC) compliant identity provider.
After corporate SSO is configured, the SSO authentication is accepted for all Genetec™ Security Center SaaS products and online customer service portals. This integration uses our shared login.genetec.com authentication service, which enables end users to use a single set of credentials to access our SaaS products and service portals.
- Contact the Genetec™ Technical Assistance Center (GTAC).
- Provide an identity provider administrator contact.
- Genetec will schedule a call with the required stakeholders, including the identity provider administrator, to complete the integration.
- When corporate SSO is set up, sign-ins for Security Center SaaS, other Genetec SaaS products, and service portals are all managed using your identity provider.
This delegation gives customers control over authentication policies such as the identity life cycle, multi-factor authentication (MFA) requirements, password complexity rules, and so on.