Authentication & Login Methods

Authentication Overview

Authentication is how users prove their identity to access the Kinetic Platform. This guide explains the supported authentication strategies, when to use them, and how they fit into the broader security model.


Understanding Authentication vs. Authorization

  • Authentication: Confirms the identity of the user — “Who are you?”
  • Authorization: Determines what that user can do — “What are you allowed to do?”

This page focuses on authentication. For details on permissions and access control, see the Security Policies section.


Supported Authentication Methods

1. Internal Authentication

Users authenticate using credentials (username + password) stored directly in the platform.

  • Simple setup
  • Best for small teams or non-production use
  • Can be used for admin accounts or integrations

2. Single Sign-On (SSO)

Authenticate users with credentials managed outside of the Kinetic Platform, such as an enterprise identity provider (IdP).

Supported SSO Methods:

  • LDAP (Lightweight Directory Access Protocol)

  • SAML (Security Assertion Markup Language)

  • CAC (Common Access Card via X.509 or Reverse Proxy)

  • Recommended for enterprise or government deployments

  • Syncs with your existing identity management

  • Enables centralized control and compliance

See SSO Configuration Guides for setup instructions.


3. OAuth

OAuth enables secure, token-based login flows for custom applications or frontend projects.

  • Ideal for React apps and embedded portals
  • Requires creating an OAuth Client and Trusted Domains
  • Supports user login via redirect-based flow

See Configuring OAuth Clients & Trusted Domains to get started.


🔍 Which Should I Use?

Use CaseRecommended Method
Small internal teamInternal Authentication
Enterprise or government orgSSO (LDAP or SAML)
Custom web apps or portalsOAuth
Local development or API testingOAuth (Public Client) or Internal User

Related Topics