Authentication & Login Methods
Authentication Overview
Authentication is how users prove their identity to access the Kinetic Platform. This guide explains the supported authentication strategies, when to use them, and how they fit into the broader security model.
Understanding Authentication vs. Authorization
- Authentication: Confirms the identity of the user — “Who are you?”
- Authorization: Determines what that user can do — “What are you allowed to do?”
This page focuses on authentication. For details on permissions and access control, see the Security Policies section.
Supported Authentication Methods
1. Internal Authentication
Users authenticate using credentials (username + password) stored directly in the platform.
- Simple setup
- Best for small teams or non-production use
- Can be used for admin accounts or integrations
2. Single Sign-On (SSO)
Authenticate users with credentials managed outside of the Kinetic Platform, such as an enterprise identity provider (IdP).
Supported SSO Methods:
-
LDAP (Lightweight Directory Access Protocol)
-
SAML (Security Assertion Markup Language)
-
CAC (Common Access Card via X.509 or Reverse Proxy)
-
Recommended for enterprise or government deployments
-
Syncs with your existing identity management
-
Enables centralized control and compliance
See SSO Configuration Guides for setup instructions.
3. OAuth
OAuth enables secure, token-based login flows for custom applications or frontend projects.
- Ideal for React apps and embedded portals
- Requires creating an OAuth Client and Trusted Domains
- Supports user login via redirect-based flow
See Configuring OAuth Clients & Trusted Domains to get started.
🔍 Which Should I Use?
| Use Case | Recommended Method |
|---|---|
| Small internal team | Internal Authentication |
| Enterprise or government org | SSO (LDAP or SAML) |
| Custom web apps or portals | OAuth |
| Local development or API testing | OAuth (Public Client) or Internal User |
Related Topics
Updated 2 months ago