Authentication
strongDM supports three authentication models:
- Delegated authentication
- Native accounts
- Hybrid
Delegated Authentication
The most common method of authenticating to strongDM is via delegated authentication.
Authentication is commonly delegated to a Directory (such as Microsoft Active Directory) or Single Sign-On provider (such as Okta or Google).
It is not necessary to delegate authentication but can be convenient to link existing tools with strongDM.
Native Accounts
Native accounts are necessary for strongDM administrative users.
Native accounts are also utilized in cases where a Directory or Single Sign-On provider is not available.
Hybrid
The Hybrid authentication model employs a Directory or SSO provider, but also allows the strongDM administrator to create accounts that are not SSO-linked. This can be useful in organizations where contractors or other non-SSO users require access to strongDM.