User authentication ensures secure access by verifying user identities. We support the following authentication types:
| User Management Method | Authentication Methods |
|---|---|
| Native user management: Licenses are assigned to users defined within the user management section of Dawiso. | In-memory authentication: Stores credentials within the application for quick access. |
| Integrated user management: Licenses are assigned based on the synchronization of user roles or user groups. | LDAP: Uses an external directory service for authentication., Kerberos: Provides secure, ticket-based authentication for networked environments. It relies on LDAP for user identity verification and authentication management., Microsoft Entra SSO (formerly Azure SSO): Enables seamless sign-in with Microsoft credentials. |
Each method offers different levels of integration and security based on your environment.
In-Memory
To ensure maximum security for user credentials, Dawiso uses PBKDF2 (Password-Based Key Derivation Function 2), a highly secure hashing method that protects against brute-force and dictionary attacks.
Additionally, multiple layers of security, including 32-bit encoding and Base64, further enhance protection, making password storage and transmission both safe and resilient against attacks.
LDAP
LDAP (Lightweight Directory Access Protocol) enables centralized authentication by connecting Dawiso to an organization’s directory service. It synchronizes users, user roles, user information, and editable user attributes.
When LDAP is configured, the organization can also use Kerberos for secure, ticket-based authentication.
Microsoft Entra SSO (formerly Azure SSO)
Microsoft Entra SSO (formerly Azure SSO) allows users to securely sign in to the Dawiso application without storing passwords. Instead, Dawiso leverages OpenID Connect for authentication, enabling seamless and secure login through Microsoft Login. For more information on how it works and how to integrate Dawiso and Microsoft Entra ID, see Microsoft Entra Synchronization.
To set up your Microsoft Entra SSO, prepare the following information for the Dawiso Customer Success team:
| Required information | Description | How to obtain |
|---|---|---|
| Client ID | Unique identifier for the registered application in Microsoft Entra ID (also called Application ID). | Created during app registration in Microsoft Entra ID. For more information on how to register an application, refer to Microsoft Entra Synchronization. Found in Microsoft Entra ID (previously Azure Active Directory) > App Registrations > (All applications) > Your App Registration > Overview. |
| Tenant ID | Unique identifier for your Microsoft Entra ID tenant (also called Directory ID). | |
| Client Secret | A secure key used for authentication between Dawiso and Microsoft Entra ID. | Created after app registration in Microsoft Entra ID. For more information on how to obtain a client secret, see Microsoft Entra Synchronization. |
| Admin Group | Object ID of the Microsoft Entra ID group assigned admin access. | Found in Microsoft Entra ID under Groups > All Groups > Object ID. |
| Contributor Group | Object ID of the Microsoft Entra ID group assigned contributor access. | |
| Viewer Group | Object ID of the Microsoft Entra ID group assigned viewer access. |
Microsoft Entra self-setup
If your security policies do not allow external access, contact Customer Success to arrange a self-setup.
You will receive the External User Sync application, which you can install on your local device. The application connects to your Microsoft Entra ID tenant and pushes user profiles to Dawiso.