1. Field of the Invention
The present invention generally concerns providing external access to an identity provider located within a secure network. More particularly, the present invention is related to the use of a virtual private network appliance to manage external requests to an internal identity provider.
2. Description of the Related Art
Identity providers (IdPs) help networks manage identities and user accounts. Many services can utilize an identity provider to authenticate and keep track of users. Fully utilizing identity providers can allow a federated single-sign-on (SSO) experience. With the proliferation of the Internet, securing a network can be difficult because user devices, services, and identity providers can be a mixture of components internal and external to a secure network. Past approaches would limit access to certain services (e.g., by placing the identity provider within the secure network where it cannot be accessed from the Internet) or would compromise security (e.g., by placing the identity provider on the edge of the secure network).
Traditionally, even when using an identity provider, a user must log in to their virtual private network (VPN) using their credentials and then enter their credentials again to log in to a service. Repeatedly entering credentials can be tiresome for a user.
There is, therefore, a need in the art for improved systems and methods of managing identity credentials in a secure network.