Configuring authentication

Maximo Application Suite supports local user authentication by MongoDB as well as authentication by using Lightweight Directory Access Protocol (LDAP) or Security Assertion Markup Language (SAML).

Regardless of where authentication is managed, access management and user privileges authorization is managed by Maximo Application Suite.

Local authentication by MongoDB

If no other authentication method is configured, user authentication is performed by MongoDB, which acts as the default user repository. No additional configuration is required.

With local authentication, Maximo Application Suite provides single sign-on (SSO) for all fully integrated applications.

Optional: LDAP authentication

With LDAP, the user authentication is managed by your LDAP server. You can configure your Maximo Application Suite environment to use your own corporate LDAP server.

With LDAP authentication, Maximo Application Suite provides SSO for all fully integrated applications, and you can also configure external applications to use the same LDAP server.

You can configure Maximo Application Suite to use LDAP at setup or later.

When LDAP is enabled, you can select to use LDAP authentication when you create new users. The user ID of the Maximo Application Suite user must match the ID of a corresponding LDAP user.

For more information about configuring Maximo Application Suite for LDAP, see Configure LDAP.

Optional: SAML authentication

With SAML, the user authentication is managed by your SAML server. You can configure Maximo Application Suite to use SAML at setup or later.

With SAML authentication, you can set up SSO for Maximo Application Suite as well as any external application that supports SAML and is accessed from the same browser.

When SAML is enabled, you can select to use SAML authentication when you create new users. The user ID of the Maximo Application Suite user must match the ID of a corresponding SAML user.

For more information about configuring Maximo Application Suite for SAML, see Configure SAML.