We have two vendors that require remote access to their appliances. My problem is that we would rather not issue them Okta accounts which the rest of our team use to authenticate into our twingate environment. I am just overthinking this? If I add their email and invite them to the twingate environment is that all there is to it?
I understand how to setup the group/security and specify the resources provided. I am just not certain if a user outside of my organization can have an account.
Hi @baileb-ssh,
you are not overthinking this! It is possible to invite users outside of your IdP to Twingate although it does require the activation of a feature (dubbed “IdP + Social”) on the Twingate side.
There is a constraint to be aware of, since Twingate delegates the concept of identity to an identity provider, the “social” email addresses for the folks outside of your own org would need to be supported (at this time, this means they would need an email address with either Microsoft, Github, LinkedIn or Google Gmail / Workspace).
Here is a bit more information on how to handle additional users outside of your IdP once the feature is activated: Social Logins | Docs
Send us a note asking for the activation of IdP + Social to onboarding@twingate.com (and do provide your tenant name as well) and we can set it up for you.
So our IdP being configured is Okta, They will not have access to Okta, Their company uses Google, will I be able to provide them access to a resource if they are not in our Okta Tenant?
yes, you will be able to invite users that are not known to your IDP (Okta) and those users will exist in Twingate so you can add them to Groups just like any other user.