Authentication overview
There are two aspects of authentication
through the DevOps Plan Schema API:
- AuthenticationAlgorithm, for enabling or disabling a schema repository to allow LDAP authentication.
- AuthenticationMode, for selecting the mode of authentication for individual DevOps Plan users.
The AuthenticationAlgorithm allows LDAP authentication that uses existing user LDAP authentication names, which may not match DevOps Plan user account names.
The DevOps Plan user profile field that is used for correlating LDAP user records to DevOps Plan user records is the CQLDAPMap field.
You can specify a CQLDAPMap field (using the installutil command line utility) to map a DevOps Plan user profile field to an LDAP field value for LDAP authentication.
The authentication method used for an individual user is determined by the AuthenticationMode specified for that user, not the AuthenticationAlgorithm.