User-facing authentication mechanism for applications

Define how end users authenticate to an application.

Enterprise Application Access (EAA) offers the following authentication options:

  • Form: End users enter their username and password through the Login Portal page. This is the default authentication option and it can be combined with multi-factor authentication (MFA). Additionally, cookies are used to maintain the end user’s login state.
  • Basic: End users are prompted to enter their username and password in a browser dialog. Unlike the Form option, Basic does not support multi-factor authentication and does not use cookies to maintain the end user’s login state.
  • Basic+Cookie: Like the Basic option, this option prompts users to enter their username and password in a browser dialog. The Basic+Cookie option, however, uses cookies to maintain the end user’s login state.
  • Certificate Only: This option is available when certificate-based authentication is enabled. With this option, no login credentials are required. End users are authenticated with the certificate that is stored on their machine or device.

Select one of these options in the User-facing Authentication Mechanism setting in the Advanced Settings of an application configuration (Application > Settings > Advanced settings). These authentication options or mechanisms only apply if the application is assigned to an identity provider (IdP) with an Active Directory (AD), Lightweight Directory Access Protocol (LDAP), or Active Directory Lightweight Directory Services (AD LDS).