Supported Methods to Authenticate Users

Platform supports more than one authentication profile. This helps a Tenant admin to support more than one Identity management system for a given application/solution and provide access to different users on that application.

Key Features

• Use an internally configured Platform authentication for a tenant
• Use external authentication mechanism for a tenant
• Customize your own authentication mechanism for a tenant
• Enable different authentication profiles for different user roles in a tenant
• Configure a global authentication mechanism for all tenants

Support for multiple authentication will be applicable for per tenant authentication only. In case of global authentication, the settings configured in the Control Panel properties will be considered for authentication.

Authentication Profile Options

• Default : A customer will have a default authentication profile for each UI and API. All the roles which are mapped to default will be authenticated using the default authentication profile. For example - Consider that a customer's default UI and API is set to Password authentication profiles and the admin role has default selected for both UI and API. If the UI default authentication profile is updated to SAML, all users that belong to the admin role will be authenticated through SAML from UI and password from API.
  Note: When you create a new customer in a tenant, Password is set as the default authentication profile.
• None : Setting None will restrict users with that particular role from being authenticated into the system.
• This list includes Kerberos and Custom authentication profiles if these are configured by the master tenant. This also includes API token and Password authentication profiles that are available by default as authentication profiles across all tenants.
  Note:

  • When you migrate to Platform 5.1, the previously set authentication for a tenant will become the Default authentication profile.
  • A tenant can only have a single Password and OE authentication profiles.

The authentication mechanisms are categorized as:

• Password Authentication
• External authentication

Configuration of the different user authentication methods is discussed in detail in the following topics.