What types of authentication mechanisms does your Edgescan support?

Auth Type

Supported

Auth Description

Web Applications

Username and Password Authentication

Supported

Users provide a username and password to authenticate themselves. This is one of the most common authentication mechanisms for web applications.

Multi-Factor Authentication (MFA)

Custom

Requires users to set up service accounts for Edgescan with additional verification factors, such as a one-time password (OTP) sent via SMS or email, biometric authentication, or hardware tokens.

Social Login (OAuth/OpenID Connect)

Supported

Allows users to authenticate using their existing accounts from third-party identity providers such as Google, Facebook, or LinkedIn, leveraging OAuth or OpenID Connect protocols.

JSON Web Tokens (JWT)

Supported

Tokens that contain claims (e.g., user ID, roles) and are digitally signed. JWTs can be used for stateless authentication and authorization in web applications.

Client Certificate Authentication

Custom

Requires users to present a client certificate along with a private key to authenticate to the web application. This method is commonly used in enterprise environments for secure access.

Single Sign-On (SSO)

Supported

Requires users to present a client certificate along with a private key to authenticate to the web application. This method is commonly used in enterprise environments for secure access.

APIs

API Keys

Supported

A unique identifier that is passed along with API requests to authenticate and authorize access to API endpoints. API keys are often used for simple authentication scenarios.

OAuth 2.0

Supported

A token-based authentication framework that allows third-party applications to access protected resources on behalf of a user. OAuth 2.0 provides various grant types, including authorization code, implicit, client credentials, and resource owner password credentials. This includes FAPI support.

OpenID Connect

Custom

An identity layer built on top of OAuth 2.0, providing authentication and single sign-on capabilities. OpenID Connect allows clients to verify the identity of end-users based on the authentication performed by an authorization server.

Bearer Tokens

Supported

Tokens that are included in API requests to authenticate and authorize access to protected resources. Bearer tokens are commonly used with OAuth 2.0 for API authentication.

API Gateways

Custom

API gateways can provide authentication and authorization capabilities for APIs by enforcing security policies, rate limiting, and access control rules.

Servers & Infrastructure

SSH Keys

Supported

Users authenticate to servers using SSH keys, which consist of a public key (stored on the server) and a private key (stored on the user's device). SSH keys are commonly used for secure remote access to servers.

TLS Client Certificate Authentication

Custom

Requires clients to present a client certificate during the TLS handshake process to authenticate to the server. This method is commonly used for secure communication between clients and servers over HTTPS.

Kerberos

Supported

A network authentication protocol that allows clients and servers to prove their identities to each other in a secure manner. Kerberos is commonly used in enterprise environments for single sign-on and mutual authentication.

LDAP/Active Directory Integration

Supported

Servers can integrate with LDAP (Lightweight Directory Access Protocol) or Active Directory for centralized user authentication and authorization. Users authenticate using their LDAP or AD credentials.

Two-Factor Authentication (2FA)

Custom

Requires users to provide two forms of authentication to access servers, typically a password or passphrase and a second factor such as a one-time password (OTP) token or biometric authentication.