This section describes the types of authentication that you can use to configure authentication for a realm on the BMC Helix Single Sign-On server.
|AR||With AR authentication, end users are authenticated through the Remedy AR System identity provider.||Configuring AR authentication|
|Cert||Certificate-based authentication uses a public key and a digital certificate to authenticate end users.||Configuring certificate-based authentication|
The Kerberos protocol uses secret-key cryptography to provide a secure communication over a non-secure network. With Kerberos authentication, end users are only prompted once for their user ID and password.
|Configuring Kerberos authentication|
|LDAP||With LDAP authentication, end users are authenticated through an external LDAP directory.||Configuring LDAP authentication|
With Local authentication, the BMC Helix SSO server functions as an identity provider, and users stored locally in the BMC Helix SSO database are authenticated.
|Configuring Local authentication|
|OIDC||OpenID Connect authentication is an extension to the OAuth 2.0 protocol. It provides information about an end user in a form of an ID token that verifies the identity of the end user.||Configuring OpenID Connect authentication|
|Preauth||With preauthentication method, end users who have already been authenticated though another authentication provider are authenticated.||Configuring preauthentication|
SAML 2.0 checks users identity and credentials. SAML 2.0 informs the service provider what access to grant to the authenticated user.
|Configuring SAML 2.0 authentication|