The External Integration tab allows administrators to view and manage users authorized through external organizations. An Identity Provider (IDP) is a crucial component, particularly in the context of authentication and authorization processes. Its primary function is to manage and verify the identities of users within a system, allowing them access to resources based on their authentication credentials.

You can add one or more external integrations as per your business needs; however, you can make only one as a default IDP.

To manage external integration, you can also use the Organization External Integration APIs instead of the user interface.

To add a new external integration

  1. Log in to the Conga Platform as an admin user.
  2. Click the App Launcher () icon from the top-left corner > Admin Console > Organization.
  3. Go to the External Integrations tab.
  4. Click Add New.
    The Add New External Integration screen appears.

  5. Choose Identity Provider from the drop-down list.
    Based on the IDP selection, other fields are displayed. Follow the next steps for Salesforce, Salesforce Sandbox, and Microsoft IDPs.

    If you want to use the SAML 2.0 identity provider, click here.

  6. Click Authorize to open the selected IDP's login screen.
  7. Log in with your credentials.
    If you get any access-related prompts during this process, please allow full access.
    When you log in, the     selected identity provider's external identifier auto-populates the External ID field.
  8. Enter the Type of this integration. It is a free-form text field. You can add types such as Dev, QA, UAT, Prod, etc.
  9. Add the description.

  10. Enable the Default IDP toggle to make it a Default External Integration IDP.

    When the admin user creates new users, they are created with the default IDP.

  11. Click Save.

Follow the same steps to add more external integrations.

To add SAML 2.0 external integration

We support Okta, Microsoft Entra, and Salesforce for SAML 2.0 integration. For more information on SAML 2.0 in general, click here.

  1. Refer to steps 1 through 5 in the To add a new external integration.

  2. Enter values in the following fields as per your SAML 2.0 external integration:

    FieldDescription
    External ID

    Okta: Enter the externl_organization_id value from the Okta app. For more information on how to get it, see Getting SAML Identity Provider Settings > Okta as SAML Identity Provider.

    Microsoft Entra: Enter the Tenant ID. For more information on how to get it, see Getting SAML Identity Provider Settings > Microsoft Entra (Azure AD) as SAML Identity Provider.

    Salesforce: Enter the Salesforce Organization ID (18 digits). For more information on how to get the 18-digit organization ID, see Getting Salesforce Organization ID.

    Metadata Location URLEnter the Metadata URL of the respective integration provider. For more information on how to get it for Okta, Microsoft Entra, and Salesforce, see Getting SAML Identity Provider Settings.
    Type

    Enter the type of this integration. It is a free-form text field. You can add types such as Dev, QA, UAT, Prod, etc.

    Organization ID Claim Type

    Enter the organization ID claim type. This field is only required for Microsoft Entra. For more information on how to get it, see Getting SAML Identity Provider Settings > Microsoft Entra (Azure AD) as SAML Identity Provider.

    DescriptionAdd the description.
    Default IDP

    Enable the toggle to make it a Default External Integration IDP.

  3. Click Save.

To edit the external integration

  1. Go to the External Integration tab.
  2. Click the More () icon and select Edit.
  3. Update the Type, Description, and Default IDP fields per your business needs.
  4. Click Save.

You can change the default IDP straight from the list page by selecting the Default IDP status of the particular external integration.

To delete the external integration

  1. Go to the External Integration tab.
  2. Click the More () icon and select Delete.
  3. From the confirmation dialog, click Confirm.

You cannot delete the external integration in any of the following scenarios: An API connection is established with the external integration, a user(s) is assigned to the external integration, and only one external integration is available.