Connect to your identity provider

The CHG IdentityProvider supports federated authentication. This feature allows your users to login to our applications using their existing credentials. In most cases, the user does not even need to enter his or her password because the user is already logged on to your identity provider (SSO).

We don't know the credentials

Due to the nature of federated authentication the CHG IdentityProvider never receives any user password because the authentication takes places within your identity provider system.

Supporting the industry proven SAML 2.0 and the modern authentication protocol OpenId Connect, the CHG IdentityProvider can integrate other identity providers that support one of those protocols.

Pass-through user attributes

Every user attribute you're providing, can be passed to the calling CHG application. So information like cost center, employee number or (permission) groups will be available at the CHG application to provide a more integrated cooperation and build automated processes.

Your choice

Only attributes and group information you provide can be retrieved by CHG IdentityProvider. You control what information is provided. The CHG IdentityProvider will not receive additional information without your knowledge.