Configure authentication
The authentication process is very flexible and can be adapted to suit your specific deployment. The number of choices can seem daunting, but when you understand the basic process, you’ll be able to configure custom authentication paths to protect access to the applications in your organization.
You configure authentication per realm. When you create a new realm, it inherits the authentication configuration of the parent realm. This can save time, especially if you are configuring several subrealms.
The following table summarizes the high-level tasks required to configure authentication in a realm:
| Task | Resources |
|---|---|
Configure the required authentication mechanisms You need to decide how your users are going to log in. For example, you may require your users to provide multiple credentials, or to log in using third-party identity providers, such as Facebook or Google. |
|
Configure the realm defaults for authentication Authentication trees use several defaults that are configured at realm level. Review and configure them to suit your environment. |
|
Configure the success and failure URLs for the realm By default, AM redirects users to the UI after successful authentication. No failure URL is defined by default. |
|
Configure an identity store in your realm. The identity store you configure in the realm should contain those users that would log in to the realm. |