Authentication

An Authentication Provider validates user credentials and determines who can log in. Depending on the organization’s infrastructure and security policies, you can choose between several authentication methods—Default, LDAP, Azure AD, SAML, and OIDC—to support secure, centralized, and scalable user authentication.

Default Authentication

In this method, users log in with a username and password created directly in Tellius. Best for quick setup or standalone deployments.

Click on Save to confirm the default authentication method.

LDAP Authentication (Images 2 & 3)

LDAP (Lightweight Directory Access Protocol) allows Tellius to authenticate users against an enterprise directory service. For more details, check out this page.

3. Azure AD Authentication

Use Azure Active Directory for cloud-native, secure authentication.

4. SAML Authentication

SAML (Security Assertion Markup Language) enables single sign-on via enterprise identity providers.

Key Fields:

• Upload Metadata File: Upload or browse your IdP's SAML XML metadata.

• Entity ID: Identifier for Tellius in SAML assertions.

• Mappings (Optional):

  • User Name Mapping: Typically the email address.

  • First/Last Name Mapping: User’s name attributes.

• Default User Role: Default role assigned to new users logging in via SAML.

5. OIDC Authentication

OIDC (OpenID Connect) offers a modern, OAuth-based method for authenticating users.

Required Inputs:

• Client ID & Secret: From your IdP’s OIDC app registration.

• Discovery Document URI: Provides configuration metadata (e.g., https://idp.com/.well-known/openid-configuration).

• Redirect URI: Callback path after successful authentication.

• Default User Role: Default permissions for OIDC users.