Federated identity providers
You can manage your identity providers for federated sign-in.
Note
You must be an Enterprise Super Admin.
You must verify a domain first. See Verify a federated domain.
You can choose which provider you want to use to verify the identities of your administrators when they sign-in. You can choose from the following:
- Microsoft Entra ID. See Use Microsoft Entra ID as an identity provider.
- OpenID Connect. See Use OpenID Connect as an identity provider.
- Microsoft AD FS. See Use Microsoft AD FS as an identity provider.
To use a provider you need to add it and then turn it on. You can then use federated sign-in. See Sophos sign-in settings.
You also edit and delete identity providers.
Warning
If you want to use federated sign-in as your sign-in option, you must ensure that all your administrators are assigned to a domain and have an identity provider.
Add an identity provider
To add an identity provider, click Add identity provider. See Add an identity provider.
You can add partial details for an identity provider, but you must complete the setup process before turning on the provider.
Turn on an identity provider
To use federated sign-in, you must turn on an identity provider.
Note
You can't turn on your provider if you haven't finished setting it up or if you've given invalid information.
Select your identity provider and click Turn on.