Skip to main content

Security of OutSystems applications

OutSystems

What identity providers can be used in OutSystems apps?

Out-of-the-box OutSystems supports three different identity providers for your apps:

  • Built-in: OutSystems securely stores the user information. Users are authenticated with the built-in authentication mechanism. This is the fastest way to get started since it requires no configuration.

  • Active Directory: When users try to authenticate in an application, the application delegates the authentication to the Active Directory domain controller. Windows integrated authentication is also supported. This is done behind the scenes so users don't have to type their credentials. Authentication through Active Directory is only available on the .NET stack.

  • LDAP: When users try to authenticate in an application, the application delegates the authentication to the LDAP server.

Authenticate with other identity providers

Teams have the ability to fully customize the authentication flow of applications. When a user tries to access a screen that requires authentication, OutSystems raises a security exception. Exceptions can be handled in any manner determined by the team.

For example, a team can redirect the user to a custom login page. In this page the team or developer can validate the user credentials against the identity provider of choice, using OAuth, SAML, or any other authentication mechanism.

Forge components

Before implementing your connectors, check the Forge. Here are some connectors to identity providers built by the community:

  • Was this article helpful?