Latest revision as of 14:13, 1 April 2024

Authentication Workflows

There are three different authentication methods that can be used for VALT:

Local Authentication

LDAP Authentication

SSO Authentication

Local Authentication

Local accounts are created and assigned to groups within VALT. Local accounts can be created manually or imported from a list.

LDAP Authentication

LDAP accounts can be imported manually using an LDAP search and lookup tool within the software or imported automatically on a schedule based on group.

SSO Authentication

SSO accounts are automatically created when a user logs in for the first time. The user can be placed in the proper group automatically upon login by mapping SSO attributes to a user group within VALT.

VALT's SSO uses Just-In-Time (JIT) Provisioning.
- Users are reevaluated and assigned to groups each time they log in, based on a group membership attribute being passed.
If a user does NOT have a user mapping associated with their account, the user gets moved to "Users without Group" and has restricted access.
If a user's user mapping changes, they will be moved to the correct group upon their next SSO sign-in.
- Correct mapping is based on the SSO mapping created in VALT and the attribute/pair value being passed from the IdP.

⤺ Back to VALT SSO Main Page

@@ Line 1: / Line 1: @@
 __TOC__
 {{Article | title = Authentication Workflows | content =
+<onlyinclude>
 There are three different authentication methods that can be used for VALT:
 <b>
-*Local Accounts
+*Local Authentication
-*LDAP/LDAPS Integration
+*LDAP Authentication
-*SSO Integration
+*SSO Authentication
 </b>
-Any combination of these can be implemented and used at the same time.
 {{hr}}
@@ Line 16: / Line 15: @@
 Local accounts are created and assigned to groups within VALT. Local accounts can be created manually or imported from a [[Importing_Users_from_a_file|list]].
-{{img - no_click | file = auth_local.jpg}}
+{{img - resize | file = auth_local.jpg}}
 {{hr}}
@@ Line 23: / Line 22: @@
 LDAP accounts can be imported manually using an LDAP search and lookup tool within the software or imported automatically on a schedule based on group.
-{{img - no_click | file = auth_ldap.jpg}}
+{{img - resize | file = auth_ldap.jpg}}
 {{hr}}
@@ Line 30: / Line 29: @@
 SSO accounts are automatically created when a user logs in for the first time. The user can be placed in the proper group automatically upon login by mapping SSO attributes to a user group within VALT.
-{{img - no_click | file = SSO Flow Chart.png}}
+*VALT's SSO uses <b>Just-In-Time (JIT) Provisioning</b>.
+**<em>Users are reevaluated and assigned to groups each time they log in, based on a [[Single_Sign-On_(SSO)#User_Mapping | group membership]] attribute being passed.</em>
+*If a user does <u>NOT</u> have a user mapping associated with their account, the user gets moved to "<b>Users without Group</b>" and has restricted access.
+*If a user's user mapping changes, they will be moved to the correct group upon their next SSO sign-in.
+**<em>Correct mapping is based on the SSO mapping created in VALT and the attribute/pair value being passed from the IdP.</em>
+{{hr - 2}}
+{{img - resize | file = SSO Flow Chart.png}}
+</onlyinclude>
+{{hr}}
+[[VALT SSO| &#x293A; Back to VALT SSO Main Page]]
 }}

Difference between revisions of "Authentication Workflows"

Latest revision as of 14:13, 1 April 2024

Contents

Authentication Workflows

Local Authentication

LDAP Authentication

SSO Authentication

Navigation menu

Personal tools

Namespaces

Variants

Views

More

Search

Navigation

VALT Software

Installation

Troubleshooting

Tools