Configuring API authentication
Introduced in 2024.2
Use the Apps and Portals > API > Authentication page in the Admin Center to manage how users or applications authenticate before they can interact with Alloy Navigator Express via the API. The availability of this page depends on the authentication method that was selected for the API on the server side, during the configuration. The Authentication page is available only when the API is configured for Access Token Authentication.
IMPORTANT: Saving changes on this page restarts the API, disconnecting active sessions and risking unsaved data loss. To reduce disruption, apply changes after hours and notify users beforehand.
You can choose between those authentication types or combine both:
-
Password authentication
To allow users of Alloy mobile apps to sign in by providing their username and password, select the Alloy password authentication checkbox under Password Authentication. You may also need to enable password authentication in the corresponding user accounts.
-
Single Sign-On (SSO) authentication
To enable single sign-on (SSO) authentication for Alloy mobile apps users, select the desired SSO services under Available Single Sign-On services. These services must be previously configured in Alloy Navigator Express as SSO Provider records. For details, see Admin Center Help: Managing single sign-on (SSO) providers.
With SSO enabled, users may still be able to sign in using their username (email) and password. To make this happen, enable the password authentication in both the API and the user's account.
About LDAP authentication
Users can also sign in to Alloy mobile apps using LDAP authentication, by providing their username (as DOMAIN\username) and password. This method requires that corresponding Domain Credentials records are configured in Alloy Navigator Express. For details, see Managing Domain Credentials and Administration Guide: Enabling LDAP Authentication.