Key skills
CEntra IDJWTSAMLSSOCRM
About this role
Position Summary:
- One of our healthcare clients is looking for a solid external Entra guy who will knock things off in a few months.
- They are looking for a hands-on SME who will take ownership of this work, do what they can as a stopgap, but be so impressive that we continue to use that person for additional carryover work through additional funding that we secure later in the year.
External ID Deliverables
- Separate Branding for HPHC and THP (applies to all flows)
- Sign-in Flow
- Biometric Login flow for Mobile Devices
- Single log-out
- Seamless user migration from existing IDPs (without the existing users having to reset password)
- Sign Up flow (Sign-up process asks questions about member's demographics and insurance policy. This requires connecting to enterprise services) ***
- Forgot Password/Forgot UserName flows (Forgot process access questions about member's demographics and insurance policy. This requires connecting to enterprise services) ***
- Change Password Flow ***
- MFA sign-up (offer them choice of various factors SMS, Email, Authenticator)
- Risky login detection and use MFA if risky
- SSO with multiple partner portals using SAML and OIDC. Handle deep-links for SSO.
- Impersonation policy for Employees to impersonate as external member (depending on role in Employee Directory. Will require Federation with Entra ID (Employee directory))
- Federation with external IDPs of B2B accounts that support "Bring your own Identity"
- REST calls are made inside various flows to Enterprise services (To get claims from CRM needed for SSO, for saving changed Email, for saving Terms and Conditions acceptance etc.)
- Terms and Conditions screen (and flow to re-prompt when T&C changes)
- Maintenance mode (to disable login for certain portals on the basis of config)
- Force Change Password flow (for all users or certain user types on a frequency or on demand)
- Context switcher - Some LoginIds have access to multiple insurance policies. Provide a way for a user to switch context of the PolicyId that will be used for JWT and SAML assertions.
- Change MFA factor
- Metrics Dashboards, monitoring, SIEM integration etc.
Regards,
Raj Dakshinapu | Recruiter, Dotcom Team LLC
Phone:
Web: | Email:
2023 Best Places to Work – Boston Business Journal
Minority Certified – Boston Business Journal’s Top Ten 2022, 2023
Certified National Minority Supplier – NMSDC