Skip to content

Creating and Managing Portals

Portals allow non-employees to sign in to your Non-Employee Risk Management tenant to update their own information in your system.

Each portal in your tenant can have its own authentication directory, password policy, and registration process. The login pages for each portal can use unique URLs and logos so that each portal has a unique look and feel.

Creating a Portal

To create a portal:

  1. Go to Admin > Collaboration > Portals.

  2. Select + Portal.

  3. On the New Portal page, complete the following fields:

    • Name - A unique name for the portal.

      The Uid is generated automatically based on the name. This can be modified during the portal's creation, but it can't be edited later.

    • Url - The subdirectory name for the URL. This is appended to the end of your tenant's URL to create the unique URL for the portal. For example, if you enter Physicians in this field, the portal URL will be <tenant name>.portal.nonemployee.com/Physicians.

    • Login workflow - The login workflow to use for this portal. This can be selected later if no login workflows have been created yet.
    • Password recovery workflow - The password reset workflow to use when users from this portal need to reset their passwords. This can be selected later if no password reset workflows have been created yet.
    • Registration workflows - Select one or more registration workflows to allow users to register within this portal. Each registration workflow appears as a button to register on the login page. If no registration workflows have been created yet, these can be set later. Refer to Registration Workflows to learn more.
    • inactivity timeout (minutes) - The amount of time, in minutes, that a user in this portal can be inactive before they're automatically logged out.
    • Retries - The number of times a user in this portal is allowed to attempt certain authentication-related tasks, such as logging in, answering security questions, or entering an email address to verify.
    • Logo - The logo to use for this portal. If no logo is uploaded, the logo configured in the Branding page will be used.
  4. Select create.

You can configure the JIT provisioning options by editing the portal.

Editing a Portal

To edit a portal:

  1. Go to Admin > Collaboration > Portals.

  2. Select the name of the portal you want to edit.

  3. On the INFO tab, edit the basic information about your portal, such as its name and workflows.

  4. On the SSO tab, edit the information about the SSO provider for this portal, if applicable. Refer to Configuring an SSO Integration for details.

  5. On the ROLES tab, review the roles that grant users access to this portal. You can select the name of a role to edit it.

Configuring Just-In-Time Provisioning

You can configure Just-In-Time provisioning for portal users authenticating into your tenant from your SSO provider. This means that users can be granted an account as they're authenticating for the first time.

Prerequisites:

  • The portal on which accounts will be added must have been created and saved.
  • An SSO integration must be configured for the portal.

To configure Just-In-Time (JIT) Provisioning for a portal:

  1. Go to Admin > Collaboration > Portals.

  2. Select the name of the portal you want to edit.

  3. On the INFO tab, set the JIT toggle to ON enable just-in-time provisioning.

  4. Fill out the other required fields:

    • Profile Type - If Profile Creation in step 5 is set to ON, select the profile type to add the profile to if a new profile is created to represent this portal user.
    • Profile Attribute Mapping - Select the attribute used as the unique identifier for Non-Employee portal accounts. This attribute will be populated by the data within the IDP Mapping Attribute when a new account is created.
    • IDP Mapping Attribute - Enter the name of the attribute used as the unique identifier for the identity provider, corresponding to the attribute you selected in Profile Attribute Mapping.
  5. Choose whether to allow Non-Employee to create a profile for non-employee users authenticating to this portal for the first time.

    If Profile Creation is set to ON, when a non-employee that doesn't have an account attempts to authenticate into this portal, an account will be created for them. If they don't have a profile, one will be created for them as well.

    If Profile Creation is set to OFF, non-employees must have an existing profile to be granted a new account through JIT provisioning and to authenticate into Non-Employee.

Documentation Feedback

Feedback is provided as an informational resource only and does not form part of SailPoint’s official product documentation. SailPoint does not warrant or make any guarantees about the feedback (including without limitation as to its accuracy, relevance, or reliability). All feedback is subject to the terms set forth at https://developer.sailpoint.com/discuss/tos.