Product: SecurityHub
Applies to: Customer SecurityHub administrators
Identity+ enables your organization to stay secure and compliant when using shared/group accounts across Intralinks products. User SecurityHub administrators can create the identity groups that define which users can log in using a particular shared account.
For Dynamic linking (SSO), you need to work with your IT department to configure users in your IdP (Identity Provider) with SAML assertions that match the email addresses of the shared accounts they need to access. You have the option to use either the group email address or the customer group identifier in your SAML assertions. For more information, see the "Edit IdP assertions for Identity+ dynamic linking" section in Managing SSO Connectors.
How to create an identity group
For SSO-enabled domains, users in the Identity Provider's (IdP) Group Email Address or Custom SSO Group Identifier will have access to this identity group.
For non-SSO domains, add users to the identity group after the group is created. For more information, see Adding and removing users from identity groups.
- Click the Identity+ tab.
- Click Create a Group.
- In the Identity Group Name field, enter a descriptive name for the identity group.
- In the Identity Group Email Address field, enter the email address of the group account. The group’s users will be able to switch to the shared account that uses this email. The email address is required even if you use a group identifier.
Note: The email address cannot be changed after the configuration has been saved. To change the email address, delete the entire group and add it again.
- (Optional.) If your organization uses SSO and does not support sending email or special characters in SAML assertions, in the Custom SSO Group Identifier field, enter a group identifier for the group. The group identifier can contain only alphanumeric characters, dashes (-), and underscores (_). Group identifiers cannot be used for more than one group.
- Click Add.
How to delete an identity group
- Click the Identity+ tab.
- In the row of the group you want to delete, in the Actions column, click the Delete icon.
- Click Delete to confirm.