...

  • The Identity Service Name can be freely chosen.
  • The Identity Service Type can be selected as available from the above matrix.
  • The Ordering specifies the sequence in which a login is performed with available Identity Services.
  • The Required attribute specifies whether login with the respective Identity Service is required to be successful, for example if a number of Identity Services are triggered on login of a user account.
  • The Identity Service Authentication Scheme allows selecting one of:
    • single-factor authentication: user account and password are specified for login with the Identity Service.
    • two-factor authentication: in addition or as an alternative to user account and password, a Client Authentication Certificate is required, see JS7 - Certificate based Authentication.

Manage User Accounts and Roles

Manage Settings

Settings are available at a global level and per Identity Service.

...

Interaction of Identity Services

A number of Identity Services can be used at the same time:

  • Required Identity Services: user login is performed with all required Identity Services.
    • No Optional Identity Services are considered.
    • If more than one Required Identity Service is configured, then a user cannot log in if the login fails with any of the Identity Services.
    • Permissions from all Required Identity Services are merged.
  • Optional Identity Services: with the first successful login to an Identity Service, the user is considered to be logged in.
    • No further Optional Identity Services are consulted if a user login is successful with one of the Optional Identity Services.
    • For example, if two Optional Identity Services JOC and LDAP are configured in this sequence, then the login to the JOC Identity Service can fail and the user might still successfully log in with the LDAP Identity Service.
    • Permissions from the successful login to an Optional Identity Service are used.
  • Disabled Identity Services are not considered for user login.

Identity Services are ordered to specify the sequence of preferred use for authentication.
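
The following Python model walks through the Required/Optional/Disabled rules and the ordering described above. It is an added example, not JS7 code: the class, the function names, the accounts, passwords and permission strings are all constructed for illustration, and stopping at the first failed Required service is an assumption.

```python
import hmac
from dataclasses import dataclass, field

@dataclass
class IdentityService:
    name: str
    ordering: int
    mode: str  # "required", "optional" or "disabled"
    accounts: dict = field(default_factory=dict)  # account -> (password, permissions)

    def login(self, account, password):
        """Return the account's permission set on success, None on failure."""
        stored = self.accounts.get(account)
        if stored is None or not hmac.compare_digest(stored[0].encode(), password.encode()):
            return None
        return set(stored[1])

def evaluate_login(services, account, password):
    """Return (logged_in, permissions, names of the services consulted)."""
    active = sorted((s for s in services if s.mode != "disabled"), key=lambda s: s.ordering)
    required = [s for s in active if s.mode == "required"]
    consulted = []
    if required:  # Optional services are not considered when Required ones exist
        merged = set()
        for svc in required:
            consulted.append(svc.name)
            perms = svc.login(account, password)
            if perms is None:  # assumption: stop at the first failed Required service
                return False, set(), consulted
            merged |= perms  # permissions from all Required services are merged
        return True, merged, consulted
    for svc in active:  # only Optional services remain: first success wins
        consulted.append(svc.name)
        perms = svc.login(account, password)
        if perms is not None:
            return True, perms, consulted
    return False, set(), consulted

def sample_services(joc_mode, ldap_mode):
    """Constructed sample: JOC is ordered before LDAP, as in the example above."""
    joc = IdentityService("JOC", 1, joc_mode, {"bob": ("pw-bob", {"joc:view"})})
    ldap = IdentityService("LDAP", 2, ldap_mode,
                           {"alice": ("pw-alice", {"ldap:view"}), "bob": ("pw-bob", {"ldap:admin"})})
    return [joc, ldap]

if __name__ == "__main__":
    print(evaluate_login(sample_services("optional", "optional"), "alice", "pw-alice"))
    print(evaluate_login(sample_services("required", "required"), "alice", "pw-alice"))
    print(evaluate_login(sample_services("required", "required"), "bob", "pw-bob"))
```

The model makes one consequence easy to check: switching a service from Optional to Required locks out every account that exists only in the other services.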

Further Resources

...