GBG Identity Provider used for signup

GBG is a special identity provider that can be used only for signup. It will show up in a separate section of identity providers used only for signup under the signup button. UnP identity is created in this process and GBG is used only to prefill signup data by scanning the document. This chapter will guide you though all steps that are required to fully configure and use GBG with Onegini IdP.

Prerequisites

To successfully complete this topic guide you need to ensure following prerequisites:

  • Onegini IdP instance must to be running, for the sake of this guide we assume it's available under http://idp-core.dev.onegini.me address
  • Configuration under "Configuration/Identity Proofing" tab is up to date

Configure GBG identity provider

To register a new IdP of GBG type please visit the http://idp-core.dev.onegini.me:8082/admin page and login to the Onegini IdP admin console. Select Config menu option and navigate to Identity Providers tab. Press the + button to create a new Identity Provider configuration. Fill in the form as follows:

  1. Type - open the dropdown list and select GBG
  2. Name - name your GBG IdP instance
  3. Authentication Level - choose desired authentication level
  4. Identity Assurance Level - choose desired identity assurance level
  5. Enabled - mark your Identity Provider as enabled
  6. Auto Activation Enabled - user is being automatically activated after signup
  7. Attributes mappings - Mappings between GBG attributes to Onegini IdP known
  8. Custom Attributes mappings - Mappings between GBG attributes to Onegini IdP custom attributes
  9. Exclude unmapped attributes that could be send to SP - Service provider configuration can have "Include unmapped custom attributes within SAML Response" enabled. This will cause all unmapped attributes to be send. You can exclude some attributes with sensitive data by providing their name here.
  10. Custom attribute fields - Custom attributes fields correlated with this identity provider. Note: When automatic signup is enabled, these fields will be ignored.