Unimarket offers several authentication mechanisms to provide flexibility for different security and user management needs. These fall into two main categories: Username/Password Authentication and Single Sign-On (SSO).
Username / Password Authentication
These methods involve users entering credentials into a login screen, which are then verified against Unimarket or an external database.
Standard Unimarket Authentication: The default method where users and passwords are created and stored directly, in Unimarket. No external setup is required.
-
Active Directory (LDAP) Authentication: Users enter their credentials on the Unimarket login page. But Unimarket sends a request to the customer's Active Directory server to verify them.
Benefit: Centralized control—removing a user from AD automatically blocks their Unimarket access.
Note: Requires opening standard LDAP/LDAPS ports in the customer firewall.
Integrated Username/Password (SOAP): Credentials entered in Unimarket are sent via a SOAP web service request, to a custom endpoint in the customer's environment. This provides full control over custom backend integrations.
Single Sign-On (SSO) Authentication
SSO allows users to access Unimarket without re-entering credentials, if they are already authenticated within their organization's network or portal.
| SSO Method | Description | Key Features |
|---|---|---|
| SAML | Industry-standard XML-based framework. | Unimarket acts as the Service Provider (SP) and integrates with the customer's Identity Provider (IDP). Can include roles and groups in the response. |
| CAS | Central Authentication Service standard. | Allows transparent authentication through the CAS protocol. |
| Unimarket Integrated | Custom web service integration. | Documentation-heavy setup for highly customized portal environments. |
Key Comparison: User Management
Regardless of the authentication method chosen, user profiles (roles, buyer groups, and org units) must still be managed. This can be done in two ways:
Manual/Admin Management: A Unimarket Administrator manually configures roles and settings within the application.
Integrated Management: Using the Unimarket User-Detail integration to externally sync profile details or, in the case of SAML, passing attributes directly in the authentication response.