Documentation Center

Central authentication

You can configure central authentication to verify the identity of visitors to your Web Client. Windows Active Directory can be configured for central authentication.

The following flow diagram gives an overview on SDL LiveContent Architect and central authentication in the IIS layer.

A SDL LiveContent Architect User Profile has three types of metadata:
  • Authentication; user name and password
  • Authorization; user roles and access to user groups
  • Application Data; User language, Favorites, e-mail, user name, id,...

Authentication can happen through a central or third party system such as Active Directory. Once authenticated as an external user, SDL LiveContent Architect maps the user to a SDL LiveContent Architect User Profile for authorization and application data. SDL LiveContent Architect no longer has to store user passwords.

The SDL LiveContent Architect User Profile is required for:
  • Granting it user roles and access to user groups
  • Referencing in workflow and assignments
  • Populating user lists based on SDL LiveContent Architect user roles

If logging in using Web Services, you need to configure the credentials to pass to the web services. The following combinations are possible:

Central Authentication TypeClient Tools Account OptionsTechnical Implementation
SDL LiveContent Architect Authentication (legacy option)Select option Trisoft Authentication and enter a valid SDL LiveContent Architect user name and password.The SDL LiveContent Architect user name and password is provided directly to the Application.Login function.
Windows AuthenticationSelect option Windows Authentication.Program using claims-based authentication