Documentation Center

Supported authentication methods

Tridion Sites supports various authentication methods across the product suite, including Tridion Access Management. For supported applications, you can use Access Management to configure authentication using your choice of Identity Provider (IdP) and authentication protocol.

Access Management functions as a federation gateway for authentication of multiple applications by one or more external Identity Providers (IdPs), such as Azure Active Directory. Applications connect to Access Management through the OpenID Connect protocol, and the IdP then handles authentication requests. Access Management supports IdPs for OpenID Connect, SAML, LDAP and Windows.

If upgrading from an earlier version of Tridion Sites (prior to Access Management being introduced), you probably have existing implementations of authentication and IdPs that were directly configured. In general, direct configuration of authentication is deprecated and we advise that you migrate authentication Access Management wherever it is possible. Direct configuration continues to be supported for the applications that Access Management does not yet support and to provide you with time to complete your migration to Access Management.

The following table summarizes authentication method support across the suite:

User interface or APIAccess ManagementAuthentication configured directly for one of these protocols:
OpenID ConnectSAML 2.0LDAPWindows (default)SSO server
Experience Spaceyesnonononono
Classic user interfaces:
  • Content Manager Explorer
  • Experience Manager
  • Other browser-based Content Manager clients, such as Translation Manager
yesnonodeprecatedyesno
Windows-based Content Management user interfaces, including:
  • Content Porter
  • Template Builder
  • Visio Workflow Designer
  • TcmUploadAssembly.exe (command line tool)
yesnonodeprecatedyesno
Core Service REST API for Experience Spaceyesnononoyesno
Core Service API for Classic user interfacesyesnonoyesyesno
Access Management featureyesnonononono
Add-ons featureyesdeprecatednononono