An authentication method determines how a user authenticates when they request an SSO application. An authentication method must be associated with every SSO application.
A one-to-one correspondence exists between each authentication method that you associate with an application and an authentication scheme that is set up by the hosting administrator. As the tenant administrator, you are responsible for configuring the authentication method. The hosting administrator is responsible for configuring the authentication scheme and the SSO partnership.
The available authentication methods include:
Select this method when the SSO service authenticates the user. This authentication method is typically associated with the HTML form authentication scheme.
Select this method when third-party business partners authenticate the user. The types of authentication schemes include federation protocols SAML 1.1, SAML 2.0, and WS-Federation. The schemes also include profiles that are typically used with social media sites, such as Google and Facebook. These schemes include OpenID and OAuth.
To obtain credentials, the SSO service authenticates the user directly or presents the user with a list of third-party sites. These external sites can serve as the identity provider and can authenticate the user. After the user authenticates successfully, the external IdP returns the user to the SSO service, which completes the transaction to the target application.
This option is only available with the SSO Service.
Select this method for strong authentication that the Advanced Authentication Service provides. This service offers the following authentication methods for applications: Arcot OTP, Arcot PKI, Arcot OTP with Risk and Arcot PKI with Risk.
These options are only available with the Advanced Authentication Service.
|
Copyright © 2014 CA.
All rights reserved.
|
|