Home > User Interface > Configuration > Policy Configuration > Authentication Sources > Authentication Sources
|
Authentication sources define how users and devices are authenticated. See Configuration for a discussion of authentication source usage during configuration.
The general format and usage of the lists on this page is discussed in General GUI Usage.
Four categories of authentication sources are available:
New authentication sources may be defined by selecting 
, 
, 
, or 
drop-down button. Each source
has a unique dialog for its type of authentication.
Most of the authentication sources have associated Authentication Rules. Authentication rules dictate the actions to be performed when the authentication is satisfied.
Several of the authentication sources have associated Administration Rules. Administration rules are similar to Authentication Rules, except these rules apply role-based access to A3 management functions.
External authentication sources use credentials not controlled by the A3 owner. An overview of social media authentication is available at Authentication Methods.
The typical end-user experience with all external authentication sources is:
The sources that are available are shown below.
| User receives an email with a link to follow to complete registration. | |
| Null | Authentication without identification. |
| SMS | User receives a PIN on their cell phone, which they then fill into a CWP. |
| Sponsor | User fills in identification for himself and a company sponsor. Sponsor receives an email to approve access. |
| Clickatell | Authenticate using Clickatell login credentials. |
| Authenticate using Facebook login credentials. | |
| Github | Authenticate using Github login credentials. |
| Authenticate using Google login credentials. | |
| Authenticate using Instagram login credentials. | |
| Kickbox | Authenticate using Kickbox login credentials. |
| Authenticate using LinkedIn login credentials. | |
| OpenID | Authenticate using OpenID login credentials. |
| Authenticate using Pinterest login credentials. | |
| Twilio | Authenticate using Twilio login credentials. |
| Authenticate using Twitter login credentials. | |
| WindowsLive | Authenticate using WindowsLive login credentials. |
Internal authentication sources are sources for which the organization deploying A3 has control. Only internal authentication sources may be used for 802.1x/EAP authentication. The sources that are available are:
| Active Directory | Active Directory. |
| Authorization | No authentication lookup is required. |
| EAP-TLS | Extensible Access Protocol - Transport Layer Security. |
| Htpasswd | A flat file used to store user names and passwords for basic authentication on an Apache HTTP server. |
| HTTP | Authentication using an HTTP API. |
| Kerberos | A secure authentication mechanism based on tickets. |
| LDAP | LDAP accessed directory. |
| Password of the Day | Rotating password. |
| RADIUS | RADIUS (Remote Authentication Dial-In User Service) that implement authentication, authorization, and accounting. |
| SAML | SAML (Security Assertion Markup Language) is an open standard based on XML for exchanging authentication and authorization data. It was designed to support single sign-on for web browsers. |
Exclusive authentication sources are sources that don't fit into other categories. The sources that are available are:
| AdminProxy | An authentication mechanism used in Microsoft systems for administrator single sign-on. |
| Blackhole | Causes authenticated traffic to be dropped, that is sent into a black hole. |
| Eduroam | A federated global wireless network access service for research and education. |
Billing authentication sources provide authentication following successful payment. The sources that are available are:
| AuthorizeNet | Payments made through authorize.net. |
| Mirapay | Payments made through MiraPay. |
| Paypal | Payments made through Paypal. |
| Stripe | Payments made through Stripe. |
Copyright © 2020 Extreme Networks. All rights reserved. Published December 2020.