Access Policy Manager® supports the following SSO authentication methods.
|HTTP Basic Auth||Access Policy Manager uses the cached user identity and sends the request with the authorization header. This header contains the token Basic and the base64-encoded for the user name, colon, and the password.|
|HTTP Form-Based Auth||Upon detection of the start URL match, Access Policy Manager uses the cached user identity to construct and send the HTTP form-based post request on behalf of the user.|
|HTTP NTLM Auth v1||NTLM employs a challenge-response mechanism for authentication, where the users can prove their identities without sending a password to the server.|
|HTTP NTLM Auth v2||NTLM employs a challenge-response mechanism for authentication, where the users can prove their identities without sending a password to the server. This version of NTLM is an updated version from NTLM v1.|
|Kerberos||This provides transparent authentication of users to Windows Web application servers (IIS) joined to Active Directory domain. It is used when IIS servers request Kerberos authentication; this SSO mechanism allows the user to get a Kerberos ticket and have Access Policy Manager present it transparently to the IIS application.|