System login methods to Navigator365 #
Navigator365 allows different authentication methods to be used on the system:
Navigator365 – a native authentication method using a password stored in the Navigator365 database and assigned to the user. The user’s email address is required to confirm the password. No configuration is required for this setting.
SSO (Single Sign On) options:
Office365 – authentication using Azure cloud. Requires Navigator365 to be registered with the Azure cloud.
ADFS (Active Directory Federation Services) – Microsoft-based authentication that enables secure, authorized access to any domain, device, web application, or system in the organization using Active Directory or via third-party solutions. You can read more about this service on the Microsoft website: Active Directory Federation Services Overview
OpenID #
OpenID is used to log in to many authorization services such as Office365(Azure) or ADFS. In the Navigator365, we have one page to configure it:
Required fields:
Authorization endpoint – the URL of the server responsible for authorization. This can be the address of an Azure server or another Open ID service.
Token endpoint – the address of the service responsible for generating the authorization token.
Name – the name displayed on the button on the Navigator365 login page.
Application (client) ID – the identifier of the application registered on the authorization service. How to obtain the identifier depends on the service. A description of the configuration of the most popular services is provided in separate articles below.
Client secret – the key generated in the authorization service provider’s system. The method of obtaining the secret key is described in seperate articles linked below.
Scope of permissions – permissions from Open ID, only one is required: access profile.
The second part of the configuration – configuration on the side of the authentication services: