Embassy Authentication


With the use of Bomgar Embassies, you can grant limited permissions to trusted third-party vendors to extend your range of support. Either manually add users to an Embassy or integrate with external directories such as LDAP, RADIUS, or Kerberos.

Download the Transcript (.pdf)

Transcript: Embassy Authentication

A Bomgar Embassy allows your support center to grant limited Bomgar access to trusted third-party vendors. Embassies can be used either to receive support from the vendor or to extend your range of support by utilizing the vendor's resources in supporting customers.

There are two ways to add users to an Embassy. First, you can create local users. On the Embassy page, click Add New Embassy User. Assign a username, display name, and password, and then set any privileges this specific user should have. Note that an individual privilege will be overridden if this user is assigned to an Embassy which has the same privilege defined. Once the user is saved, they will appear in the list of unassigned Embassy users.

The second way to assign Embassy users is through use of security providers, such as LDAP, RADIUS, or Kerberos servers. These servers must be configured on the Security Providers page.

When adding or editing an Embassy, click the Add button below the Embassy Members list to open a select box. At the top of the select box is a dropdown from which you can choose to view unassigned local Embassy users or security provider directories. You may add users from multiple locations.

When adding members from a security provider, you may select not only individual users but entire groups of users as predefined in your external directory structure. These users can sign into Bomgar using their existing logon credentials. Embassy users added via security provider will not appear in the Embassy Users list and cannot have privileges defined individually.

Once you have finished configuring this Embassy, click Save Changes to retain your settings.