Access Policy Manager® supports the following SSO authentication methods.
|HTTP Basic Auth||The SSO plugin uses the cached user identity and sends the request with the authorization header. This header contains the token Basic and the base64-encoded for the user name, colon, and the password.|
|HTTP Form-Based Auth||Upon detection of the start URL match, the SSO plugin uses the cached user identity to construct and send the HTTP form-based post request on behalf of the user.|
|HTTP NTLM Auth v1||NTLM employs a challenge-response mechanism for authentication, where the users can prove their identities without sending a password to the server.|
|HTTP NTLM Auth v2||NTLM employs a challenge-response mechanism for authentication, where the users can prove their identities without sending a password to the server. This version of NTLM is an updated version from NTLM v1.|
|Oracle Access Manager (OAM)||The Enterprise Access Manager plug-in integrates with the OAM server as access gate(s) for web access, while the Access Policy Manager acts as an OAM Policy Enforcement Point (PEP).|
|Kerberos||This provides transparent authentication of users to Windows Web application servers (IIS) joined to Active Directory domain when using an access policy with a passwordless authentication method. It can also be used when IIS servers require Kerberos authentication.|