Skip to main content

This documentation is for an older version of this product. See the latest version of this content.Opens in a new tab

Authentication and Authorization

InterSystems Supply Chain Orchestrator™ supports a wide variety of authentication mechanisms. Authentication determines if users are who they say they are. Additionally, InterSystems Supply Chain Orchestrator™ supports a robust role-based authorization system, which determines an authenticated user can create, use, view, change, or delete.

Get acquainted

Users and roles in InterSystems IRISOpens in a new tab

Authentication introduction

Authorization: Controlling User Access

Try it

Configuring Role-Based AccessOpens in a new tab

Read all about it

LDAP

The lightweight directory access protocol

Kerberos

The Kerberos network authentication system

OS-based authentication

Using operating system credentials

Instance authentication

The Supply Chain Orchestrator built-in authentication system

Delegated authentication

Using your own authentication system and tying in Supply Chain Orchestrator

Using Resources to Protect Assets

The system, database, and service resources that protect assets such as an InterSystems IRIS database

Privileges and permissions

Combining permissions and resources to create privileges

Roles

Using roles, which are collections of privileges

Users

Managing users, including predefined users

Match authentication with authorization

Your authentication mechanism determines what authorization mechanism you can use.

Authentication mechanism Authorization mechanisms
LDAP InterSystems authorization, LDAP
Kerberos Delegated authorization, InterSystems authorization
OS-based Delegated authorization, InterSystems authorization, LDAP
Instance authentication InterSystems authorization
Delegated authentication Delegated authorization, InterSystems authorization

Two-factor authentication

Supply Chain Orchestrator supports both SMS text authentication and time-based one-time password (TOTP) authentication.

Two-factor authentication

External authorization systems

delegated authorization (authorization only)

delegated authentication (authorization and authentication)

Match authorization with authentication

You can use each authorization/role-assignment mechanism only with certain authentication mechanisms.

Authorization/role-assignment mechanism Authentication mechanism(s)
Delegated authentication (can also perform authorization) Delegated authentication
Delegated authorization Delegated authentication, Kerberos, OS-based
InterSystems authorization All authentication systems
LDAP LDAP, OS-based

Explore more

Security

TLS

FeedbackOpens in a new tab