Integrating Your Identity Provider
This guide outlines how IT administrators can integrate an identity provider (IDP), such as Okta or Entra ID (Azure AD), with Trusst AI.
Youβll need to configure an application in your IDP, set up role-based groups matching exactly those specified in Trusst AI Roles and Permissions, and expose these groups in the ID token.
Step 1: Create Security Groups for Roles
Create security groups in your IDP exactly matching these roles:
trusst_ai_viewer
trusst_ai_evaluator
trusst_ai_prompt_admin
trusst_ai_agent_admin
trusst_ai_app_admin
Okta:
Directory β Groups β Add Group β (Role name)
Entra ID:
Azure AD β Groups β New group β Security β (Role name)
Step 2: Assign Users to Role Groups
Assign users to the groups representing their required roles.
Okta:
Directory β Groups β (Role group) β People β Assign People
Entra ID:
Azure AD β Groups β (Role group) β Members β Add Members
Step 3: Register Trusst AI Application
Register a new OIDC web application for Trusst AI.
Okta:
Applications β Create App Integration β OIDC β Web Application
Sign-in redirect URI:
https://trustai.au.auth0.com/login/callback
Entra ID:
Azure AD β App registrations β New Registration
Redirect URI:
https://trustai.au.auth0.com/login/callback
Note: Auth0 Client ID and Application ID URI, if required, are provided securely by your Trusst AI integration contact.
Step 4: Assign Role Groups to the Application
Assign previously created role groups to the Trusst AI application.
Okta:
Applications β (Trusst AI App) β Assignments β Assign to Groups
Entra ID:
Enterprise Applications β (Trusst AI App) β Users and groups β Add user/group
Step 5: Configure Group Claims in ID Token
Expose group claims (roles) in the authentication token.
Okta:
Applications β (Trusst AI App) β Sign On β OpenID Connect ID Token β Edit
Groups claim type:
Filter
Filter:
Starts with
βtrusst_ai
Entra ID:
Azure AD β App registrations β (Trusst AI App) β Token configuration β Add groups claim β Security groups
Step 6: Complete Integration and Verification
Notify your Trusst AI contact once setup is complete. Verify login with a user assigned to one or more role groups.
See Trusst AI Roles and Permissions for detailed role definitions.
Contact Trusst AI support if assistance is required.
Last updated