Installation Guide

Authentication types

Updated in 2021.1

Windows authentication

With Windows authentication, users do not need to type in their user name and password to log in to Alloy Navigator Express because the system authenticates them with their current Windows credentials. This authentication method can be used in Windows domain-based networks only.

Standard authentication

With Standard (password) authentication, each user has to type in their username and password to log in to Alloy Navigator Express. In this case, authentication occurs by matching supplied credentials against accounts residing in Alloy Navigator Express. Standard authentication can be used in any network.

Single sign-on authentication

With single sign-on (SSO) authentication, users access Alloy Navigator Express directly, without a second sign-in, under their credentials issued by an external, trusted identity provider. Users do not need to provide their passwords on sign-in. SSO authentication requires integration of the identity provider that provides the SSO service (or "SSO provider") and Alloy Navigator Express. For details, see Managing single sign-on (SSO) providers.

SSO authentication can be combined with Standard (password) authentication to let the user choose whether to type in their Alloy Navigator Express credentials or sign in with SSO.

LDAP authentication

With LDAP authentication, users must specify their Windows username (as DOMAIN\username) and password to sign in to Alloy Navigator Express. The authentication occurs by matching provided credentials against user information in the specified directory service container. LDAP authentication implies that the information about domains is stored in Alloy Navigator Express. This authentication method can be used in remote Active Directory domains and directory services other than Microsoft Active Directory, such as JumpCloud, Okta, OneLogin, or AWS Directory Service.