Security providers in Jitterbit App Builder

Introduction

App Builder supports several security providers that you can use to secure your applications, by verifying the identity of their users, and authenticating the data sources that they connect to.

This page explains how security providers work, lists all those available, and where you can read more about them.

Access security providers

To access the security provider configuration screen, follow these steps:

1. Open the IDE.

2. In the Connect panel, click Security Providers.

3. The Security page opens. It shows all the providers currently configured, and contains buttons to add and configure new ones. You can use security providers for user or data source authentication:

   

Add a new security provider

To configure and use a security provider, access the Security page.

The User Authentication and Data Source Authentication panels contain lists with all the providers currently configured. The lists include filter and search tools. Each row on the lists shows the provider's name, its classification type, a checkbox that indicates with a green checkmark whether it's currently enabled, and a chevron icon that can be clicked to edit it.

To add a new security provider, either click the + User Authentication button, or click the + Data Source Authentication button above the corresponding list. The Provider page opens, containing these fields:

• Settings:

  • Name: Enter a name to identify the security provider. The name appears throughout the IDE. In the case of user authentication providers, the name also appears on the login form, and in the URL (for example, https://example.com/AppBuilder/signin-Name).

  • Type: Use the dropdown list to select the security provider type. Types typically correspond to a protocol, an authentication standard, or a vendor-specific scheme. The type cannot be changed later. The list presents the following options. Click on a provider to learn more:

    • Active Authentication:

      • API Key: Authenticates API requests with a user key.

      • HTTP Basic Authentication: Authenticates API requests with HTTP Basic authentication.

      • Integrated Windows Authentication: Authenticates users using Integrated Windows Authentication (IWA).

      • Web Access Management: Authenticates users identified by a Web Access Management (WAM) system.

    • Data Source Authentication:

      • HTTP: Authenticates HTTP client web requests.

      • SAP OData Services: SAP OData Services authentication types.

      • SuccessFactors OData: SuccessFactors OData API authentication.

    • External Authentication:

      • App Builder / OpenID Connect: Sign in via an App Builder OpenID Connect authorization server.

      • Application Authentication: Allows an application to authenticate users.

      • Google Accounts / OpenID Connect: Sign in via Google Accounts using OpenID connect.

      • JWT SSO: JWT single sign-on (SSO) authentication.

      • Microsoft / OpenID Connect: Microsoft OpenID Connect (OIDC) Identity Providers (IdPs) including Azure, Microsoft 365, and Outlook.com.

      • OAuth: OAuth authorization grants.

      • OpenID Connect: OpenID Connect SSO.

      • Salesforce: Salesforce authentication and authorization.

      • Salesforce / OpenID Connect: Sign in via Salesforce using OpenID Connect.

      • SAML: SAML SSO authentication.

      • WS-Federation: Web Services Federation integration with Microsoft Azure Active Directory.

    • Forms-based Authentication:

      • Active Directory: Active Directory forms-based authentication provider.

      • Jitterbit Harmony: Jitterbit Harmony authentication provider.

      • Local User: Local user store.

      • SuccessFactors Password: Authenticates user-supplied credentials using the SuccessFactors SOAP API.

    • Identity Provider:

      • Authorization Server: OpenID Connect authorization server.

      • SAML Identity Provider: SAML SSO identity provider.

    • Provisioning:

      • User Provisioning: Define a default configuration when creating new users.

    • Report:

      • Adobe PDF Services: Authenticates requests for Adobe PDF REST API.

    • URL Rewriting:

      • Rewrite URL: Rewrites HTTP request URLs to match web client URLs.

  • Priority: An integer that sets the order that security providers appear on the login form and execute in the request pipeline.

  • Enabled: Check to enable the security provider. A disabled security provider does not appear on the login form and cannot be used to authenticate users.

  • Identifier: A unique identifier for the security provider. This field is automatically generated.

Configuration

The Configuration panel summarizes general information about your security provider settings:

• Authentication:

  • Anonymous User: The group specified to handle anonymous authentication to the App Builder environment.

  • Authentication Expiry: The security token lifetime, measured in minutes.

  • Default Authentication: Sets the default authentication provider.

  • Login Page: Overrides the default login page with a custom one.

    Note

    If you use a custom login page, anonymous users must be able to access it.

  • Invitation URL: Link to a page which allows users to send an invitation to create an account.

• Sessions:

  • Session Storage: Determines when sessions are stored.

  • Anonymous Expiry: Determines how long anonymous sessions are stored.

  • Max Concurrent: Limits the maximum number of concurrent sessions per user account.