Yes, you can temporarily (or permanently if need be) switch the Identity Provider or even the type of authentication service an authenticator uses with minimal impact to your system or your users. Consider the following scenario...
You have a SAML authenticator called XYZ that is your preferred method of authentication. You also have access to an Active Directory that has the same user accounts and passwords (because of some synchronization method). Your SAML Identity Provider suddenly goes down and it looks like it will be a while before it is fixed. You can temporarily modify XYZ to be an NT Domain authenticator instead of a SAML authenticator. The user's interaction with TechDoc will be a little different during the challenge phase of authentication but after that everything else is exactly the same. And best of all, it is simple to reverse the process as soon as the SAML Identity Provider is operational again. Here are the step-by-step instructions on what you would do:
- Log into TechDoc as a local user with Admin privileges.
- On the main menu, click Admin, and then click Authenticators under the Show menu.
- Now click on the lock icon next to the XYZ authenticator.
- If you plan to change XYZ back later, print the Authenticator Info page or write down the current settings for the XYZ authenticator.
- Click Modify on the side menu.
- Change the Service Name to NT Domain (or whatever service your fallback option uses).
- Change the Service Data to the name of the NT Domain (or enter the appropriate data for the type of service your fallback option uses).
- Enter a reason and click OK.
- Now click on Test on the side menu and complete an authentication test just to make sure you entered the correct data when you modified XYZ.
When your preferred Identity Provider has been declared operational again, simply follow the steps above and modify the Service Name and Service Data back to what they were originally.