}}

Identity provider-based authentication

Enterprise DC/OS Experimental Updated: November 16, 2016

Configuring identity provider-based authentication

To provide Single Sign-On (SSO) in your organization, you can configure Enterprise DC/OS to authenticate users against one or more external user identity providers. In contrast to directory-based authentication, the identity provider-based authentication is not as rich (less information available) but more flexible for individual users.

When a user attempts to log on, they will be presented with a list of the third-party identity providers that you have configured. They can click the one that they have an account with for SSO.

Enterprise DC/OS supports two types of identity provider-based authentication methods: Security Assertion Markup Language (SAML) and OpenID Connect (OIDC):