Configure Federated Authentication

Federated Authentication links your credentials across many systems. You can authenticate to Cloud Manager and other MongoDB cloud services using your company’s credentials through an Identity Provider (IdP). This authentication flow ensures a unified login experience for your users and reduces the number of credentials they have to remember.

To link your IdP to Cloud Manager, you provide each with the appropriate metadata. Once you have linked your IdP to Cloud Manager, map domains and organizations to your IdP:

Domain Mapping
If you or another user log in to Cloud Manager using one of these mapped domains, Cloud Manager redirects you to the associated IdP. After you authenticate with the IdP, it returns you to the Cloud Manager application. To learn more about Domain Mapping, see Manage Domain Mapping for Federated Authentication.
Organization Mapping
Users who log in through the IdP are granted access to the mapped Cloud Manager organizations. You can choose what role these users have within the selected organizations. To learn more about Organization Mapping, see Manage Organization Mapping for Federated Authentication.

Federation Management Access

You can manage federated authentication from the Federation Management Console. You can access the console as long as you are an Organization Owner in one or more organizations that are delegating federation settings to the instance.


To configure federated authentication in Cloud Manager, you must:

  1. Link an Identity Provider to Cloud Manager to ensure that your users are authenticated through your trusted IdP.
  2. Map Domains to your Identity Provider to streamline the login experience for users from specified domains by authenticating them through an IdP.

Once you set up your IdP, you can optionally Map Organizations to your Identity Provider to give your users a unified login experience.