Team Edition Documentation

DOWNLOAD pdf

Authentication methods

Overview

Team Edition provides various authentication methods, configurable by administrators in the Settings -> Administration -> Server Configuration. For more detailed information on each method, please refer to the subsequent sections.

Local access

Local access requires users to authenticate using a username and password. Administrators create user accounts and assign roles to define user permissions. For more detailed information, see the Local access authentication article.

Reverse proxy access

This authentication method is based on HTTP request headers. For more detailed information, see the Reverse Proxy Header Authentication article.

AWS IAM access

AWS IAM authentication allows logging in with IAM credentials, automatically assigning a 'User' role in Team Edition. For more details, see the AWS IAM article.

SSO access

SSO (Single Sign-On) authentication can be used for access to Team Edition. Once an SSO user is authorized to Team Edition instance, the appropriate user is created in the application with the User role by default (you can find more information about SSO authentication at Single Sign On article).

OpenID

OpenID Connect (OIDC) authentication enables users to log in using credentials from an OpenID Connect identity provider, simplifying the login process across different services. For further details, please consult the OpenID authentication article.

AWS OpenID

AWS OpenID Connect (OIDC) authentication integrates with AWS Identity and Access Management (IAM) to enable signing in using an OpenID Connect identity provider. This approach allows for the secure delegation of permissions to AWS resources based on the identity established by the provider. For more information, please refer to the AWS OpenID authentication article.

Okta OpenID

Okta OpenID Connect (OIDC) authentication allows applications to authenticate users via Okta's OIDC provider. This process enables secure and streamlined user access to applications and services without requiring them to manage multiple passwords. For more information, refer to the Okta OpenID Authentication article.

Cognito OpenID

Cognito OpenID is a feature of Amazon Cognito that allows you to use Cognito as an OpenID Connect (OIDC) identity provider. By configuring Cognito as an OIDC provider, users can sign in to Team Edition using their existing accounts with OIDC identity providers. For more information, refer to the Cognito OpenID Authentication article.

Microsoft Entra ID

Microsoft Entra ID, previously known as Azure AD, is a service that allows you to use Microsoft's cloud-based identity and access management service as an identity provider. By integrating Microsoft Entra ID with Team Edition, users can sign in using their Microsoft accounts, leveraging Azure Active Directory (Azure AD) for authentication. For more details, see the Microsoft Entra ID Authentication article.

Google

Google Authentication is a method that allows users to sign in to Team Edition using their Google accounts. This integration leverages Google as an OpenID Connect (OIDC) identity provider, enabling users to authenticate with their existing Google credentials. For more information, refer to the Google Authentication article.

JWT

JWT (JSON Web Tokens) Authentication is a secure method to transmit information between parties as a JSON object. In the context of Team Edition, JWT authentication can be configured to verify the identity of users. For more information, refer to the JWT Authentication article.

NTLM

NTLM (New Technology LAN Manager), is a suite of Microsoft security protocols used for user authentication and data protection in Windows networks. It operates on a challenge-response mechanism to verify user identity without transmitting passwords directly. For more information on configuration, refer to the NTLM Authentication article.