Federated identity providers
You can manage your identity providers for federated sign-in.
You must be a Super Admin.
You must verify a domain first. See Verify a federated domain.
You can choose which provider you want to use to verify the identities of your administrators and users when they sign-in. You can choose from the following:
- Microsoft Entra ID (Azure AD). See Use Microsoft Entra ID (Azure AD) as an identity provider.
- OpenID Connect. See Use OpenID Connect as an identity provider.
- Microsoft AD FS. See Use Microsoft AD FS as an identity provider.
To use a provider you need to add it and then turn it on. You can then use federated sign-in. See Sophos sign-in settings.
You also edit and delete identity providers.
If you want to use federated sign-in as your sign-in option, you must ensure that all your administrators and users are assigned to a domain and have an identity provider.
Add an identity provider
To add an identity provider, click Add identity provider. See Add an identity provider.
You can add partial details for an identity provider, but you must complete the setup process before turning on the provider.
Turn on an identity provider
To use federated sign-in, you must turn on an identity provider.
You can't turn on your provider if you haven't finished setting it up or if you've given invalid information.
Select your identity provider and click Turn on.