InterSystems IRIS for Health™ supports a wide variety of authentication mechanisms. Authentication determines if users are who they say they are. Additionally, InterSystems IRIS for Health™ supports a robust role-based authorization system, which determines an authenticated user can create, use, view, change, or delete.
Read all about it
LDAP
The lightweight directory access protocol
Kerberos
The Kerberos network authentication system
OS-based authentication
Using operating system credentials
Instance authentication
The InterSystems IRIS for Health built-in authentication system
Delegated authentication
Using your own authentication system and tying in InterSystems IRIS for Health
Using Resources to Protect Assets
The system, database, and service resources that protect assets such as an InterSystems IRIS database
Privileges and permissions
Combining permissions and resources to create privileges
Roles
Using roles, which are collections of privileges
Users
Managing users, including predefined users
Match authentication with authorization
Your authentication mechanism determines what authorization mechanism you can use.
Authentication mechanism
Authorization mechanisms
LDAP
InterSystems authorization, LDAP
Kerberos
Delegated authorization, InterSystems authorization
OS-based
Delegated authorization, InterSystems authorization, LDAP
Instance authentication
InterSystems authorization
Delegated authentication
Delegated authorization, InterSystems authorization
Two-factor authentication
InterSystems IRIS for Health supports both SMS text authentication and time-based one-time password (TOTP) authentication.
Two-factor authentication
Match authorization with authentication
You can use each authorization/role-assignment mechanism only with certain authentication mechanisms.
Authorization/role-assignment mechanism
Authentication mechanism(s)
Delegated authentication (can also perform authorization)
Delegated authentication
Delegated authorization
Delegated authentication, Kerberos, OS-based
InterSystems authorization
All authentication systems
LDAP
LDAP, OS-based