This section describes the types of authentication that you can use to configure authentication for a realm on the Remedy Single Sign-On server.
|AR||With AR authentication, end users are authenticated through the AR identity provider.||BMC Remedy AR System authentication process|
|Cert||Certificate-based authentication uses a public key and a digital certificate to authenticate an end user.||Certificate-based authentication process|
The Kerberos protocol uses secret-key cryptography to provide secure communications over a non-secure network. With Kerberous authentication, end users are only prompted once for their user ID and password.
|Kerberos authentication process|
|LDAP||With LDAP authentication, end users are authenticated through an external LDAP directory.||LDAP authentication process|
With Local authentication, Remedy SSO server serves as an identity provider, and users stored locally in the Remedy SSO database are authenticated.
|Configuring Local User Management authentication|
|OIDC||OpenID authentication is an extension to the OAuth 2.0 authorization process. It provides information about and end user in the form of an ID token that verifies the identity of an end user.||Configuring OpenID Connect authentication|
|Preauth||Preauth authenticates end users who have already been authenticated though an authentication provider to access BMC applications.||Configuring pre-authentication mechanism|
SAML 2.0 authenticates users identity and credentials. SAML 2.0 tells the service provider what access to grant to the authenticated user.
|SAMLv2 authentication process|