Authentication overview
Most grid applications require users to be authenticated and have an established session to allow access to their published services. There are three ways to establish a session:
- End users log on via the SAML protocol. To configure SAML authentication, see Configuring SAML.
These two methods are primarily intended for server to server communication:
- Logging on using the SSL handshake with a key store/certificate - The SSL handshake authentication method allows a connection to be made as an authenticated user based on provided key material. See To configure SSL for grid HTTP clients.
- Logging on with an authorization token - The grid can also issue credentials for OAuth1.0a to be used for authentication, and handle JWT tokens for Infor Ming.le applications. The ability to accept authorization tokens is configurable per router. See Token Authentication.
The authentication includes role assignments, where the application-specific roles are mapped to grid roles. For more information on role mapping, see Authorization Overview.