Skip to main content
Code42 Support

User Authentication And Authorization Methods

Applies to:
  • Code42 CrashPlan (previously CrashPlan PROe)

Overview

The Code42 platform supports several methods for user authentication and authorization. Authorization in the Code42 environment also includes user management. This article defines authentication and authorization, and explains which methods of authentication and authorization work together.

Authentication And Authorization

The Code42 platform separates the concepts of user authentication and authorization, allowing administrators great flexibility in creating an environment that is highly customized to the needs of their organization in terms of security, scalability, employee productivity, and user management.

Authentication

Authentication refers to the process of identifying and verifying users. In the Code42 platform, this occurs when:

  • Users sign in to the CrashPlan app or administration console
  • Users are registered for the first time

Authentication can be done using the following methods:

  • Local Code42 platform directory
  • LDAP
  • Single Sign-On (SSO)
  • RADIUS

Authorization And User Management

Authorization refers to the process of determining what roles and permissions a user is entitled to.

In the Code42 platform, authorization includes user management. User management allows the master server to automatically activate and deactivate users, move users into organizations, and assign roles to users.

In the administration console, authorization is referred to as the directory service.

Authorization can be done using the following methods:

  • Local Code42 platform directory
  • LDAP

Comparison Of Authentication And Authorization Methods

Each method of authentication and authorization has advantages for different situations. This list is not exhaustive, but gives a few of the highlights of each method.

Method Capability Advantages Disadvantages Scalability
Local Authentication and/or authorization
  • Default method
  • No extra setup
  • User database backed up by Code42 environment daily backup with optional remote backup
  • No automated user management
  • Not integrated into centralized directory service or SSO provider

 

  • Medium
  • Can upload multiple users in a text file
LDAP Authentication and/or authorization
  • Complexity
  • Requires third-party product or service
High
SSO Authentication only
  • User can sign in once and access all IT services
  • Centralized
  • Convenience
  • Requires third-party product or service
  • Complexity
High
RADIUS Authentication only
  • Centralized
  • Two-factor authentication
  • Auditing
  • Requires third-party product or service
High

Considerations

For some combinations of authentication and authorization/user-management, you must take further steps. See the relevant articles by clicking the links in the compatibility table below.

Compatibility Table

This table explains which methods of authentication and authorization are compatible. To find out if a particular combination of authentication and authorization methods is compatible, simply choose the desired authentication method and the desired authorization method, and then find the cell where the two intersect.

Authentication Method Authorization Method
Local LDAP
Local Yes No
LDAP No Yes
SSO Yes Yes
RADIUS Yes Yes