Choosing Authentication Method

Updated in 2021.1

Alloy Navigator Express supports two methods of authentication for API calls: Windows and Access Token.

• Windows authentication

  Windows authentication method allows applications to make API calls by automatically supplying the credentials of Windows domain accounts they are running under, without having to obtain an access token and specify it in requests. This authentication method works only on a Windows domain network.

• Access token authentication

  Access token authentication method requires applications to provide their Application ID and Secret or identify users with their username and password and make API calls after receiving an access token.

  INFO: For details on obtaining an access token, see API User’s Guide: Authenticating Users and Authenticating Applications.

  Token-based authentication can be used in any network. Alloy native mobile apps (Alloy Navigator, Alloy Self-Service, and Alloy Scanner) require the API to be configured for access token authentication

  In the Admin Center, you can configure additional authentication options for Alloy mobile app users, including password authentication, single sign-on (SSO), and LDAP authentication. For more details, see Admin Center Help: Configuring API authentication.