Benefits of Tridion Access Management
The Tridion Docs 15 release adds support for Tridion Access Management, or simply Access Management. The application provides a single, simplified interface for managing access to Tridion applications by end users and by the APIs for other applications.
- Unified single sign-on
-
By functioning as a federation gateway and managing client credentials, Access Management provides single sign-on (SSO) for end users across the different applications that make up a Tridion Docs implementation.
- Simplified configuration of Multi-factor Authentication
-
Because user authentication takes place outside of individual applications and is instead handled by an identity provider, enterprise organizations can enable Multi-factor Authentication (MFA/2FA) with far greater ease.
- User interface for managing system access
-
Access Management provides a centralized interface for configuring authentication. Administrators can use Access Management user interface to perform the following tasks:
- Create and maintain connections to external identity providers.
- Configure authentication for Tridion Docs applications.
- Manage client credentials for applications, end users and service accounts.
- Simplified configuration of external identity providers
-
Access Management provides a simplified implementation based on a single protocol, OpenID Connect, while still supporting the use of other protocols by external identity providers. The following Tridion Docs applications and services come pre-configured to interact with Access Management through the OpenID Connect:
- The Tridion Docs browser-based user interfaces: Review Space, Draft Space and Organize Space.
- The Tridion Docs desktop clients: Publication Manager, Condition Manager, Content Importer and the external editor connected through Authoring Bridge.
- The ISHRemote module
- The Access Management application itself, both the user interface and the API
- The Add-ons API
Implementors only need to configure one application on the external identity provider system. The different Tridion Docs applications and services are not impacted by external identity provider changes.
- Tridion Identity Provider
-
Tridion Docs provides the Tridion Docs Identity Provider as a sample identity provider that OpenID Connect protocol and makes it easy to get started with Access Management.
The Tridion Docs Identity Provider is automatically registered and configured in Access Management during the installation of Content Manager, and it can be used immediately after installation to authenticate users.
Tridion Docs Identity Provider supports for the OpenID Connect protocol.