Supported authentication methods

Tridion Sites supports various authentication methods across the product suite, including Tridion Access Management. For supported applications, you can use Access Management to configure authentication using your choice of Identity Provider (IdP) and authentication protocol.

Access Management functions as a federation gateway for authentication of multiple applications by one or more external Identity Providers (IdPs), such as Azure Active Directory. Applications connect to Access Management through the OpenID Connect protocol, and the IdP then handles authentication requests. Access Management supports IdPs for OpenID Connect, SAML, LDAP and Windows.

If upgrading from an earlier version of Tridion Sites (prior to Access Management being introduced), you probably have existing implementations of authentication and IdPs that were directly configured. In addition, some parts of Tridion Sites that Access Management does not yet support. In general, direct configuration of authentication is deprecated and we advise that you migrate authentication Access Management wherever it is possible. Direct configuration continues to be supported for the applications that Access Management does not yet support and to provide you with time to complete your migration to Access Management.

The following table summarizes authentication method support across the suite:

User interface or APIAccess ManagementAuthentication configured directly for one of these protocols:
OpenID ConnectSAML 2.0LDAPWindows (default)SSO server
Tridion Sites Classic user interfaces, including:
  • Content Manager Explorer
  • Experience Manager
  • Other browser-based Content Manager clients, such as Translation Manager
yesnodeprecateddeprecatedyesdeprecated
Core Service API for Classic user interfacesyesnonoyesyesdeprecated
Tridion Sites Experience Space user interface yesnononoyesno
Core Service REST API for Experience Space yesnononoyesno
Add-ons featureyesdeprecatednononono
Access Management featureyes nonononono
Windows-based Content Management user interfaces, including:
  • Content Porter
  • Template Builder
  • Visio Workflow Designer
  • TcmUploadAssembly.exe (command line tool)
yesnonodeprecatedyesdeprecated