Silverfort Identity Bridge

  • Published on Feb 9, 2026
  • 1 minute(s) read
  • e
  • Danny Hanes
 Prev Next

Silverfort identity protection can be extended to Beyond Identity environments to provide additional benefits. This requires integrations between your self-hosted Silverfort deployment and the cloud-based Beyond Identity environments that you wish to cover.

Configure Beyond Identity

  1. Log in to the Beyond Identity admin portal

  2. Click Integrations from the navigation menu

  3. Click the SAML tab

  4. Click Add SAML Connection

    1. Single sign-on URL: Enter your Mobile Messaging Service URL with the addition of the following prefix: /apps/api/sso/response

      1. Examples:

        1. Global - https://raven.silverfort.io/apps/api/sso/response

        2. Singapore - https://sg.raven.silverfort.io/apps/api/sso/response

        3. Europe - https://eu.raven.silverfort.io/apps/api/sso/response

        4. Australia - https://au.raven.silverfort.io/apps/api/sso/response

    2. SP Audience URI: Enter the SAML Entity ID for your application.

      Requirements: To ensure a successful authentication, the SP Audience URI value must match the Audience

      Restriction value set in Silverfort:

    3. Name ID Format: Select emailAddress from the dropdown.

    4. Subject User Attribute: Select email from the dropdown.

    5. Request Binding: Select http post from the dropdown.

    6. Authentication Context Class: Select Password from the dropdown.

    7. Signed Response: Enable Signed

    8. Attribute Statements: Create two attribute statements containing the following:

      1. Attribute 1

        1. Name: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress

        2. Name Format: uri

        3. Value: {{email}}

      2. Attribute 2

        1. Name: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name

        2. Name Format: uri

        3. Value: {{email}}

  5. Click Save Changes

Form for adding a SAML connection with various configuration options displayed.

Overview of the Silverfort configuration in Beyond Identity.

Configure Silverfort

  1. Log in to the Silverfort Admin Console and navigate to Settings » Integrations.

  2. Select the Identity Bridge tab.

  3. Navigate to the bottom and select + Add new IdP, then enter the following teails:

    1. IdP Name: Beyond Identity

    2. Application Name: Beyond_Identity App

    3. Login URL: The IdP SSO URL copidd from Beyond Identity

    4. Audience: The same value set for SP Audience URI in Beyond Identity (e.g. Silverfort_SP)

    5. Upload Certificate: The certificate downloaded from Beyond Identity.

      You can copy / download the values for IdP SSO, IdP issuer and the certificate from Beyond Identity in the Integrations page in the Beyond Identity admin console.

Configuration details for Beyond Identity application including IdP name and login URL.

Configuration of the Silverfort Identity Bridge

Create a Bridge Policy

  1. In the Silverfort Admin Console, navigate to the Policies page.

  2. Select Create policy

    1. Policy name: Create a name for the policy

    2. Action: Select Identity Bridge

    3. IdP: Select Beyond Identity

    4. Enterprise App: Select the application name you entered in the Bridge configuration (e.g. Beyond_Identity app)

  3. Click Save

Configuration settings for an identity policy including authentication types and actions.

Silverfort Bridge Policy configuration

Related articles