To set up your BIS system, you need to clarify with SEEBURGER how the authentication mode for your iPaaS users should be working. SEEBURGER supports two options:

• Authentication via User Management Service (UMS)

• SAML authentication

User Management Service (UMS)

The User Management Service (UMS) is a SEEBURGER app for managing the users of your BIS system, their user accounts, and rights.

The Change Manager of your company will get administrator rights for UMS and can invite futher users. Administrators can assign rights to new users, for example assign rights for more administrators or combine user rights in a different way.

The following standard user rights are possible in iPaaS:

• IAM User (global): administrator for user and access management

• BIS User: permissions for all BIS Web Front End apps, except User Management Service (UMS)

• BIS User Legacy: permissions for using the classic BIS Front End

• Message Tracking User: only permissions for the app Message Tracking

If you have specific requirements, customized groups for these rights can also be created.

You can switch to using SAML at any time by making a change request at SEEBURGER to configure the SAML authentication.

> Making a change request

SAML authentication

SAML is a method for single sign-on authentication. In this case, the BIS Portal needs to be connected to your company portal. After this is set up, you just need to log in to your company account, and you can access the BIS Portal.

Within SAML, an Identity Provider (IDP) verifies if you have successfully logged in to your company account, and are allowed to access the BIS Portal.

If you are connected to the iPaaS system via SAML, you can set up new users yourself in your company portal.

The following standard user rights are possible in iPaaS:

• Key User

• Consultant

• Message Tracking User

• Read-only

If you have specific requirements, customized groups for these rights can also be created.

Find further information here:

> Configuration of SAML authentication