🔑Integrating Your Identity Provider

This guide outlines how IT administrators can integrate an identity provider (IDP), such as Okta or Entra ID (Azure AD), with Trusst AI.

You’ll need to configure an application in your IDP, set up role-based groups matching exactly those specified in Trusst AI Roles and Permissions, and expose these groups in the ID token.

Step 1: Create Security Groups for Roles

Create security groups in your IDP exactly matching these roles:

trusst_ai_viewer
trusst_ai_evaluator
trusst_ai_prompt_admin
trusst_ai_agent_admin
trusst_ai_app_admin

Okta:

Directory → Groups → Add Group → (Role name)

Entra ID:

Azure AD → Groups → New group → Security → (Role name)

Step 2: Assign Users to Role Groups

Assign users to the groups representing their required roles.

Okta:

Directory → Groups → (Role group) → People → Assign People

Entra ID:

Azure AD → Groups → (Role group) → Members → Add Members

Step 3: Register Trusst AI Application

Okta:

Applications → Create App Integration → OIDC → Web Application
Sign-in redirect URI: https://trusstai.au.auth0.com/login/callback

Entra ID:

Azure AD → App registrations → New Registration
Redirect URI: https://trusstai.au.auth0.com/login/callback

Note: Auth0 Client ID and Application ID URI, if required, are provided securely by your Trusst AI integration contact.

Step 4: Assign Role Groups to the Application

Assign previously created role groups to the Trusst AI application.

Okta:

Applications → (Trusst AI App) → Assignments → Assign to Groups

Entra ID:

Enterprise Applications → (Trusst AI App) → Users and groups → Add user/group

Step 5: Configure Group Claims in ID Token

Expose group claims (roles) in the authentication token.

Okta:

Applications → (Trusst AI App) → Sign On → OpenID Connect ID Token → Edit
Groups claim type: Filter
Filter: Starts with → trusst_ai

Entra ID:

Azure AD → App registrations → (Trusst AI App) → Token configuration → Add groups claim → Security groups

Step 6: Complete Integration and Verification

Notify your Trusst AI contact once setup is complete. Verify login with a user assigned to one or more role groups.

See Trusst AI Roles and Permissions for detailed role definitions.

Contact Trusst AI support if assistance is required.

PreviousUser Guide NextUser Roles & Permissions

Last updated 2 months ago