Authentication & Access
Conncentric delegates authentication to your organization's identity provider. Users log into the Portal through your existing single sign-on (SSO) system.
How It Works
The Portal authenticates users via OIDC (OpenID Connect). When a user navigates to the Portal, they are redirected to your identity provider's login page. After successful authentication, the identity provider issues a token and the user is returned to the Portal.
No passwords or user accounts are stored in Conncentric itself.
Supported Identity Providers
Any OIDC-compliant identity provider works with Conncentric. Common examples:
- Auth0
- Okta
- Azure Entra ID (formerly Azure Active Directory)
- Google Workspace
- Keycloak
See Authentication Configuration for Helm values and provider-specific setup instructions.
LDAP-based authentication has not been validated. If your organization uses LDAP exclusively, contact your Connamara representative to discuss options.
Adding and Removing Users
Because authentication is managed by your identity provider, user lifecycle is handled there, not in Conncentric.
To grant access: Add the user to the Conncentric application in your identity provider. They can log in immediately.
To revoke access: Remove the user from the Conncentric application in your identity provider. Their next login attempt will be rejected.
Roles
Role-based access control (RBAC) is planned but not yet implemented. Currently, all authenticated users have full access to the Portal.
When roles ship, they will be derived from claims in the identity provider's token. No configuration in Conncentric will be required.
Questions About Access
If you cannot log in, check with your IT team that your account is assigned to the Conncentric application in your identity provider.