Integrated Authentication#
Backup Notice
Please create a full backup before making any changes to an interface or an import. If the result is not satisfactory, it can be easily restored.
Overview#
i-doit offers a flexible selection of authentication methods tailored to different use cases and security requirements. This page gives you an overview of the available options from simple local login and connection to a central Active Directory to advanced methods like Single Sign-On (SSO) or Two-Factor Authentication (2FA).
Local Users#
Local users are managed directly in i-doit as objects of the "Person" type and are ready for immediate use. Their greatest strength is functioning as an independent emergency access, should central authentication systems like LDAP/AD become unavailable.
Further reading:
LDAP / Active Directory#
i-doit supports seamless integration with directory services like LDAP or Active Directory. This enables:
- Centralized authentication for web login using existing company accounts.
- Automated import of users and groups (optionally via the console).
More information:
API Access (JSON-RPC)#
For automating processes and connecting external tools, i-doit offers a powerful JSON-RPC API. Using it requires a local user with a valid API key for each tenant.
More information:
Advanced Authentication Methods#
To further enhance convenience and security, i-doit supports modern authentication methods:
- Single Sign-On (SSO): Reduces login hurdles for users and increases convenience via SAML or Kerberos.
- Two-Factor Authentication (2FA): Adds a second layer of security to the login, effectively protecting accounts from unauthorized access.
More information:
Conclusion#
Local users provide immediate access and serve as an emergency login. LDAP/AD offers central management for larger teams. The API is the key to automation and integration. SSO and 2FA increase convenience and security in enterprise environments.