Configuring authentication

This section describes the types of authentication that you can use to configure authentication for a realm on the BMC Helix Single Sign-On server.

Authentication typeDescriptionReference
ARWith AR authentication, end users are authenticated through the Remedy AR System identity provider.Configuring AR authentication
CertCertificate-based authentication uses a public key and a digital certificate to authenticate end users. Configuring certificate-based authentication

The Kerberos protocol uses secret-key cryptography to provide a secure communication over a non-secure network. With Kerberos authentication, end users are only prompted once for their user ID and password.

Configuring Kerberos authentication
LDAPWith LDAP authentication, end users are authenticated through an external LDAP directory.Configuring LDAP authentication

With Local authentication, the BMC Helix SSO server functions as an identity provider, and users stored locally in the BMC Helix SSO database are authenticated.

Configuring Local authentication
OIDCOpenID Connect authentication is an extension to the OAuth 2.0 protocol. It provides information about an end user in a form of an ID token that verifies the identity of the end user.Configuring OpenID Connect authentication
PreauthWith preauthentication method, end users who have already been authenticated though another authentication provider are authenticated.Configuring preauthentication

SAML 2.0 checks users identity and credentials. SAML 2.0 informs the service provider what access to grant to the authenticated user.

Configuring SAML 2.0 authentication
Was this page helpful? Yes No Submitting... Thank you