Online Help | Web App

Authentication types

Updated in 2021.1

The authentication type determines how Alloy Navigator Express validates account credentials. See a complete list of authentication types Alloy Navigator Express supports.

Authentication Type Description

Windows native authentication

Web App

SSP

Desktop App (deprecated)

With Windows native authentication, users do not need to enter their user name and password to log in to Alloy Navigator Express because the system authenticates users with their current Windows credentials. This authentication method can be used in Windows domain-based networks only.

Standard authentication

Web App

SSP

Mobile apps

Desktop App (deprecated)

With Standard authentication, users have to type their user name and password to log in to Alloy Navigator Express. In this case, authentication occurs by matching supplied credentials against accounts residing in Alloy Navigator Express. Standard authentication can be used in any network.

Single Sign-On (SSO) authentication

Web App

SSP

Mobile apps

With Single Sign-On (SSO) authentication, users access Alloy Navigator Express directly, without a second sign-in, under their credentials issued by a trusted identity provider.

SSO authentication requires integration of the identity provider that provides the SSO service (or "SSO provider") and Alloy Navigator Express. For details, see Managing single sign-on (SSO) providers.

TIP: You can combine Standard authentication and SSO to let the user choose whether to type in their Alloy Navigator Express credentials or sign in with SSO.

LDAP authentication

Web App

SSP

Mobile apps

With LDAP authentication, users must specify their user name (login) in this format: DOMAIN\username. The authentication occurs by matching provided credentials against user information in the specified directory service container. LDAPĀ authentication implies that a list of domains is stored in Alloy Navigator Express. For details, see Managing Domain Credentials.

This authentication method can be used in remote Active Directory domains and directory services other than Microsoft Active Directory, such as JumpCloud, Okta, OneLogin, or AWS Directory Service.