/
Federated Identity

Federated Identity

Owned by Amna
Last updated: Apr 01, 2025

Federated Identity gives customers the option to use their company credentials to sign into CSI software and website instead of using their CSI sign-in credentials. This is sometimes referred to as SSO (Single Sign On). To implement, the company will have to federate their identity platform (IdP) with CSI’s identity platform. Once setup, all contacts with federated email domains will automatically be redirected to their IdP for authentication.

FAQ

Which identity platforms and standards does CSI support to setup federation?   

  • Entra ID/Azure AD (Microsoft Active Directory)

  • ADFS

  • Google Workspace

  • OpenID Connect

  • Okta

  • PingFederate

  • SAML

Which IdP does CSI use?

CSI uses Auth0 as our identity provider.

Is there a fee/charge to federated an IdP with CSI's IdP?

No, there is no charge to federate your IdP with CSI's. 

Is multi-factor authentication (MFA) available?

Once you have federated your IdP with CSI's, your security measures and MFA settings with your IdP will apply when you sign into CSI applications (software and website) as well. 

Does CSI support any automated user provisioning options, such as SCIM or JIT user provisioning?
Yes, CSI supports both types of automatic user provisioning: 1) Just in Time (JIT) User Provisioning and 2) System for Cross-domain Identity Management (SCIM) User Provisioning. Both user provisioning mechanisms require a federated IdP as a prerequisite. Automated user provisioning eliminates the need for companies to manually add users to the CSI User Database. Details can be found on the Automated User Provisioning page. 

Can customers who choose to federate their identity still use the User Management Dashboard (UMD) to bulk import contacts to into the CSI User Database?
Yes, you can still import your your contacts in bulk using the UMD. When customers authenticate through a federated IdP, they will be connected based on the user's email address. 

What happens if a new user authenticates via federated identity and does not exist in the CSI Database?
If automated user provisioning has not been setup and a new user signs in, they will receive an error message after signing in to let them know to contact their IT team. Your Customer Account Administrator(s) will have to add the user to the CSI Database via the User Management Dashboard. 

How to get started?

Please email identity@csiamerica.com the email domain you would like to federate. We will send you an online link to connect your identity provider (IdP) to CSI’s IdP. The link will include instructions for your IdP and the information we need from your IdP.

Once you have completed the online form, please email identity@csiamerica.com so we can fully enable your SSO for all CSI Applications.

For users using a SAML connection regardless of your IdP, please select the Custom SAML option.

For users connecting with Entra ID/Azure AD, please email us the expiration of your client secret so we can send you a reminder notice before it expires.

image-20250401-193439.png

 

For further questions, please contact identity@csiamerica.com.

General-Topics | CSiBridge CSiCOL CSiPlant ETABS PERFORM-3D SAFE SAP2000 | Tutorials Test-Problems Documentation Licensing

Copyright © 2025 Computers and Structures, Inc. All rights reserved.