PlexTrac supports multiple authentication methods for single-sign-on (SSO):
- OAuth: OAuth is an open standard for authorization that grants access via access tokens. OAuth authorizes an application to access your data without giving it access to your credentials.
- OpenID: OpenID Connect provides an authentication layer on top of OAuth 2.0. It addresses the lack of an authentication mechanism in OAuth, and thus is a more secure solution.
- SAML: Security Assertion Markup Language (SAML) is an open standard that attempts to bridge the divide between authentication and authorization.
OAuth is used in access authorization, while SAML and OpenID Connect are used in user authentication.
Users need an account with PlexTrac before being authorized to use an alternative sign-on method. The users' email in PlexTrac must be identical to the email address used to authenticate through the third-party tool.
Authorization setup is done by an admin in the Admin Dashboard under Security>Authentication.