Federate IdP with Custom IdP
Often, you may choose a specific Identity Provider (IdP) for your applications for various reasons. However, when integrating your application with other industrial platforms or systems, such as AWS Cognito, you may encounter obstacles. These platforms often require that your IdP supports standardized protocols like OIDC or SAML2.
In such cases, you can consider federating your specific IdP with the IdP created in the SiX IDaaS & IAM tenancy. Since the IdP from SiX IDaaS & IAM tenancy natively supports OIDC and SAML2, you can quickly get a protocol-compliant IdP.
For example, if you've developed applications with your own Custom IdP, you can federate this Custom IdP with the IdP (Identity Application) created in the SiX IDaaS & IAM tenancy. By enabling authentication federation, your application users can log in using their existing Custom IdP credentials, while their authorization is managed centrally through the IAM system in the SiX IDaaS & IAM console.
TIP
After federation, your IdP user will benefit from MFA, personal information sharing consent control, more at: Overview of Data Security & Privacy
TIP
Authentication federation refers to authentication delegation. After the Identity Provider (IdP) in the SiX IDaaS & IAM tenancy receives the authentication request, it delegates the request to the existing Custom IdP.
Steps to federate IdP with Custom IdP
1. Create an SiX IDaaS & IAM IdP(identity application) tenant
On SiX IDaaS & IAM console, go to "Authentication -> Create Identity Application" to create an IdP(identity application) tenant, edit "Login template:" to use your own login page.
2. Set the federated IdP parameters
Set the your own login template endpoint. 
WARNING
When the IdP is created, an RSA 256 private key will be generated once to let the IdP owner to download it, the following authentication data flow between SiX IDaaS & IAM and the restful endpoint will be verified through the public key.
3. Create an OAuth2 Client tenant and associate it with IdP tenant
Creaate an OAuth2 Client tenant on the SiX IDaaS & IAM console and associate it with IdP(identity application) tenant.
4. Use the OAuth2 Client in your application
Apply the OAuth2 Client tenant information in your application to initiate the authentication process, when the authentication process is triggered, SiX IDaaS & IAM will handle the authentication federation process automatically.
5. Your application get ID information and associate it with your local user ID
You can get the IdP tenant "openId" and the ID of federated custom provider user through parsing JWT and use /userinfo endpoint.