Controlling Access to the Vault Authentication Methods¶
Primary authentication¶
You can integrate Securden with LDAP-compliant directory services such as AD, Azure AD, and others. If your organization uses smart cards for authenticating user logons, you can leverage the same for Securden authentication. SAML-compatible federated identity management solutions like Okta, G Suite, Microsoft ADFS, OneLogin, PingIdentity, Azure AD SSO, and others can be integrated for Single Sign On.
MFA for additional security¶
Users can enforce multiple layers of authentication to access their Securden account. As part of two-factor authentication, Securden integrates with Email to SMS gateway, Duo Security, Microsoft Authenticator, RADIUS Authenticator, Yubikey, and more.
Certificate-based authentication¶
To meet the demands of remote work scenarios, you can enable all or select users of your organization to securely access the Securden web interface over the internet. Enabling this access involves configuring an additional certificate-based client authentication, which allows users to authenticate using certificate-based methods for remote work scenarios.
Programmatic access through authentication tokens¶
Securden provides APIs for querying the database programmatically, retrieving credentials, and performing various other tasks. Users can create authentication tokens for carrying out various operations using APIs.
Design Highlights
- Primary authentication
- Securden’s native authentication
- Active Directory/Azure AD authentication
- Smart card authentication
- RADIUS authentication
- MFA enforcement for additional security
- Any TOTP authentication
- Any RADIUS-based authentication
- Duo Security
- Yubikey
- Email to SMS gateway
- OTP through email
- API Access
- Token-based authentication for authorised users
- Dynamic tokens