User Type | Authenticating Server | Scope (Platform or Warehouse) | Supported Clients of Applications | Notes |
---|---|---|---|---|
SSO | Supported OAuth2-compliant IdP | Platform and Warehouse | Web UI, Query Editor, OAuth supported clients (Tableau, DBeaver, etc...) Ideal for interactive users. | Will not work with clients that do not support connection through OAuth2 tokens and require a username/secret to be passed through the API. The SSO provider can be configured to support a user’s customer IdP, such as Okta. |
SSO with device flow | Supported OAuth2-compliant IdP | Platform and Warehouse | SSH Clients, command line clients applications (any non-interactive clients with no web UI to perform OAuth 2 authentication). Ideal for situations where authentication needs to happen on a machine other than the client. | Will not work with clients that do not support connections through OAuth2 tokens and require a username/secret to be passed through the API. Will not work from within applications that use a UI and have no ability to standard output (Tableau, DBeaver, etc...). The SSO provider can be configured to support a user’s customer IdP, such as, Okta. |
Native | Warehouse User Management DB (iidbdb) server | Warehouse | JDBC or ODBC applications that need a username/secret to connect and are unable to work with OAuth2 protocol. Ideal for applications that need to connect to the warehouse or for users using clients where a username/secret is required. | Example: Looker |
Platform | Warehouse User Management DB (iidbdb) server | Platform and Warehouse | Web UI, Query Editor, OAuth supported clients (Tableau, DBeaver, etc...) Ideal for additional interactive users who are not available through SSO. | Platform users are managed by the platform. |
API keys | Actian Data Platform authentication | Platform and Warehouse | Applications that need to use the Actian Data Platform REST API to perform platform operations or need to connect to the warehouse. | API keys are managed by the platform. |