Supported authentication methods
Tridion Sites supports various authentication methods across the product suite, including Tridion Access Management. For supported applications, you can use Access Management to configure authentication using your choice of Identity Provider (IdP) and authentication protocol.
Access Management functions as a federation gateway for authentication of multiple applications by one or more external Identity Providers (IdPs), such as Azure Active Directory. Applications connect to Access Management through the OpenID Connect protocol, and the IdP then handles authentication requests. Access Management supports IdPs for OpenID Connect, SAML, LDAP and Windows.
If upgrading from an earlier version of Tridion Sites (prior to Access Management being introduced), you probably have existing implementations of authentication and IdPs that were directly configured. In addition, some parts of Tridion Sites that Access Management does not yet support. In general, direct configuration of authentication is deprecated and we advise that you migrate authentication Access Management wherever it is possible. Direct configuration continues to be supported for the applications that Access Management does not yet support and to provide you with time to complete your migration to Access Management.
The following table summarizes authentication method support across the suite:
| User interface or API | Access Management | Authentication configured directly for one of these protocols: | ||||
|---|---|---|---|---|---|---|
| OpenID Connect | SAML 2.0 | LDAP | Windows (default) | SSO server | ||
Tridion Sites Classic user interfaces, including:
| yes | no | deprecated | deprecated | yes | deprecated |
| Core Service API for Classic user interfaces | yes | no | no | yes | yes | deprecated |
| Tridion Sites Experience Space user interface | yes | no | no | no | yes | no |
| Core Service REST API for Experience Space | yes | no | no | no | yes | no |
| Add-ons feature | yes | deprecated | no | no | no | no |
| Access Management feature | yes | no | no | no | no | no |
Windows-based Content Management user interfaces, including:
| yes | no | no | deprecated | yes | deprecated |