Federations and federated users
Identity Federations allow you to configure authentication in your dashboard using Single Sign-On (SSO) technology. With this authentication method, user data is stored with your Identity Provider (for example, Keycloak, ADFS, and other SAML-compliant providers).
To work with federations, credential providers must support the SAML 2.0 protocol.
You can set up to 10 federations for access through different vendor accounts.
Federations can be managed through the control panel and through the Federations API.
Federated users
A separate one is created for the use of federations user type — federated, which is a subtype of control panel users. A federated user can be assigned the same roles as control panel users.
Federated users authenticate to the Selectel Control Panel by SSO just as they do when logging into their organization's corporate systems. When authenticating, the user goes to the authorization page at the credential provider — they do not need to have a separate account for Selectel and enter a login and password each time they log in to the control panel.
The federated user login and password are not stored in Selectel.
A federated user does not have access to the API.