Central authentication
Manage all accesses to your wiki via the company-wide user administration.
By connecting to your user management, you keep BlueSpice under control and make it easier to work with BlueSpice.
Connecting to your user administration
Your central user administration contains the master and login data of your colleagues. This includes user names, passwords, phone numbers, email addresses, and group and department memberships. We can support you in connecting your user administration to BlueSpice.
Advantages of central authentication
- The user administration in the wiki is always up to date, because users are added, updated or deactivated centrally.
- You ensure that only authorized employees have access to your wiki.
- Employees are given quick and easy access to the wiki with their company-wide password.
- If the connection is made as a single sign-on, a single login at the workstation is sufficient for automatic wiki login.
How it works
When a user wants to access BlueSpice, BlueSpice checks with the central user administration and finds out whether the user is known and has provided the correct password. If this is the case, he or she gets access to the wiki. What users can see or edit depends on the user group to which they belong. User groups and their rights are administered directly in the wiki. It is also possible to synchronize user groups with the central user directory.
Technical possibilities
- Connection to an LDAP directory
The “Lightweight Directory Access Protocol” (LDAP) is the common directory service, not only in Linux operating systems. - Connection to an Active Directory (AD)
The directory service provided by Microsoft Windows Server is, of course, also one of the connection options supported. The AD also uses the LDAP protocol. - Automatic login with single-sign-on
Users are directly logged on to BlueSpice with their Windows identification. The login is done via Kerberos. - SAML connection
The “Security Assertion Markup Language” (SAML) is a framework for exchanging authentication and authorization information for web services. It is often used for cloud services outside the corporate firewall. - OpenID Connect (OIDC)
This simple identity protocol is an open standard based on the OAuth 2.0 protocol. This makes it possible to connect all identity providers that support OpenID. This is particularly interesting for cloud instances if they are to be connected to Okta, for example.
All connection scenarios are generally possible for users of BlueSpice farm.