DocumentationRelease Notes
Documentation

AUTHENTICATION USER GUIDE | BI On-prem

Suggest Edits

What is authentication for BeyondInsight and Password Safe?

Authentication for BeyondInsight and Password Safe is the process of verifying the identity of users before granting access to system resources. BeyondInsight and Password Safe support authentication using local BeyondInsight accounts, as well as accounts imported from Active Directory, Entra ID, or LDAP. They also support additional security methods, including multi-factor authentication, smart card authentication, and third-party authentication via SAML 2.0–compliant web tools. This ensures that only authorized users can access the platform and its features.

How is it useful?

it ensures that only verified and authorized users can access sensitive system resources. By supporting multiple authentication methods, such as local accounts, directory services, multi-factor authentication, smart cards, and SAML-based third-party authentication, it enhances security, reduces the risk of unauthorized access, and allows organizations to integrate with existing identity management systems. This helps protect critical data while providing flexible and reliable access control.

Learn how to configure authentication methods such as:

  • Two-factor using a RADIUS server
  • SecureAuth using RADIUS
  • Two-factor using TOTP
  • Passwordless Authentication
  • Smart card
  • Claims-aware website
  • SAML Identity Provider
  • SAML with Entra ID App
  • Active Directory Federation Services (AD FS) SAML
  • Okta SAML
  • Ping Identity SAML
  • PingOne SAML

Updated about 2 months ago

©2003-2025 BeyondTrust Corporation. All Rights Reserved. Other trademarks identified on this page are owned by their respective owners. BeyondTrust is not a chartered bank or trust company, or depository institution. It is not authorized to accept deposits or trust accounts and is not licensed or regulated by any state or federal banking authority.