Authentication

Reltio helps you to perform authentication operations for a user.

Overview

Authentication is the process or action of verifying the identity of a user or process. It is the act of validating whether users are who they claim to be. For example, to log in to an application, the username and password entered are authenticating factors. You are allowed to access the application only if you provide valid username and password.

Authentication Methods

Authentication methods of Reltio Connected Data Platform include:

  • Authentication Service
  • OAuth2/OpenID Connect (OIDC) Single Sign On (SSO)
  • SAML Single Sign On (SSO)
Note: Reltio Connected Data Platform also provides Authentication API, User Management API, and Role Management APIs with Authentication Service.

Authentication Scenarios

The authentication scenarios in Reltio Connected Data Platform include:

Flexible Login Options for the User's Backend Implementation

When you log into Reltio platform, there are two options to log into the tenants, depending on the tenant configuration:

  • Single Sign-On (Ping, Google), which is corporate Identity Provider (IdP) based
  • Non-SSO (Native use case dictated by Reltio Auth service)

Unique User Identification

In Reltio, email address is a unique identifier for user identification. A user with an email address is given a specific set of roles. An email address can be used only once. If you assign the same email address (irrespective of the case) to another user, and the new user attempts to log in, the following error message is displayed:

This login is already in use by another customer. Please use a different account.

For different customers/tenants, it is recommended to set up and use accounts with different email addresses.

Access Tokens

In Reltio, the user has to obtain tokens to be authenticated. The following topics help you to understand more about accessing tokens: