Organizations in IBM® Verify enable administrators to model business units, subsidiaries, partner environments, or customer accounts within a single Verify tenant. Each organization can have its own identity providers, owners, and login experience.
Before you begin
- You must have administrator access to your Verify tenant.
- You must have permissions to manage themes, flows, and application settings, including the “Manage organizations” permission.
Procedure
-
Set up Identifier- First Authentication (IFA).
Configure IFA so
Verify can determine which organization a user belongs to, and route them to the correct identity provider during sign-in. Then, configure the respective themes to customize the login experience to use IFA.
For more information about configuring IFA routing rules, see Identity source routing.
Note: Applications that use these themes will automatically start with the IFA login experience.
-
Set up invitation workflow.
Use flow designer to create an onboarding flow that validates each invitation, guides the new user through authentication or registration, and assigns them to the appropriate organization. Create the flow from scratch, or import a template from the
verify-saas-resources Github repository.
For more information about flow designer, see Managing flow designer.
- Optional:
Create organizational attributes.
Create organization-level attributes to extend the organization model. These attributes will allow each organization to define its own specific values. These values can later be leveraged to customize global policy behavior, tailor the login experience, and control application access based on organization-specific configurations.
Note: You can create and manage these attributes by navigating to in your administration tenant.
What to do next
Start by setting up Identifier- First Authentication (IFA). See, Configuring Identifier-First-Authentication (IFA).