This guide describes the technical requirements necessary to…

Who Is This Guide For?

You may be interested in this guide if you want to…

Definition: An Identity Provider (IdP) is responsible for providing identifiers for users interacting with a system.

3PA vs Auto-Provisioning

Third Party Authentication (3PA) is an iQmetrix term referring to the ability of a user to be authenticated by any iQmetrix product using the client’s Identity Provider.

Automated Provisioning or auto-provisioning is a process for managing users automatically. Third Party Authentication (3PA) is required to enable auto-provisioning.

3PA involves creating a trusted relationship between two systems which can enable your users to log into iQmetrix products with their Identity Provider credentials. This is commonly known as Single Sign On.

Single Sign On (SSO) permits a user to enter one name and password to access multiple applications.

One popular example of SSO is the “Log In With Facebook” button used by many websites to allow users access to a website without creating an account.



Enabling Third Party Authentication will limit your ability to:

Managing Users

While Third Party Authentication can provide your users access to iQmetrix products, it does not have the ability to manage what those users can see or do once they are logged in.

Manging users can be done through…

Automated Provisioning

When combined with 3PA, Automated Provisioning allows you to manage users in iQmetrix services by auto-provisioning them from your existing Identity Provider.

For troubleshooting errors and problems, see Automated Provisioning FAQ.


Automated Provisioning requires your organization to have…

You will need to work with your Account Manager to map your Identity Provider roles to Security Roles.

To maintain this mapping, you will need to update iQmetrix Hub when new roles are added or existing roles are updated, for more information see Hub Authentication Setup. If using an RQ version earlier than 6.4, you also need to maintain RQ to Hub security role mappings, for more information see Security Mapping Setup.

In addition, you will need to set and maintain a mapping using the ClientEntityId property on CompanyTreeNode resources. This can be done using the Company Tree API or by updating the External Node Identifier in Company Setup in iQmetrix Hub.

All user information that is supplied with authentication should be maintained in your Identity Provider.


Enabling Automated Provisioning will result in…

Integration Options

iQmetrix supports OAuth 2.0 and WS-Trust for Third Party Authentication and Automated Provisioning, see the guides below for more information.

Was this page helpful?