Identity management
Who is this article for?
CrashPlan for Small Business, no.
Code42 for Enterprise, yes.
Link: Product plans and features.
Overview
Code42's identity management functionality is an important security feature that allows you to give users access to the right resources within Code42.
Code42 separates the concepts of user authentication and authorization. This approach gives you the flexibility to create and customize your environment based on your organization's needs for security, scalability, employee productivity, and user management.
This article describes the options for connecting your Code42 environment with authentication and provisioning providers for user authentication and authorization:
- Single sign-on (SSO)
- LDAP
- RADIUS
Comparison of authentication and authorization methods
Each method of authentication and authorization has advantages for different situations. This list gives a few of the highlights of each method.
| Method | Capability | Advantages | Disadvantages | Scalability |
|---|---|---|---|---|
| Local | Authentication, authorization, or both |
|
|
|
| LDAP | Authentication, authorization, or both |
|
|
High |
| SSO | Authentication only |
|
|
High |
| RADIUS | Authentication only |
|
|
High |
Compatibility
This table explains which methods of authentication and authorization are compatible.
If you want to use LDAP with SSO or RADIUS, you need to configure them to work together. For more information, click the links in this table.
| Authentication Method | Authorization Method | |
| Local | LDAP | |
| Local | Yes | No |
| LDAP | No | Yes |
| SSO | Yes | Yes. See additional steps. |
| RADIUS | Yes | Yes. See additional steps. |
Authentication
Authentication is the process of identifying and verifying users. In the Code42 platform, this occurs when:
- Users sign in to the Code42 app or administration console
- Users are registered for the first time
You can use any of the following authentication methods:
- Local Code42 platform directory
- LDAP
- SSO
- RADIUS
Each individual user needs a unique username and password. Sharing credentials across multiple users is a large security and data privacy risk because users can download backed up files from every device using the same username.
SSO
Implementing single sign-on (SSO) as the authentication method in your Code42 environment provides security benefits and simplifies the sign-in experience. Code42 single sign on uses SAML 2.0.
Introduction and overview
Configuration instructions
RADIUS
You can connect Code42 to your RADIUS server for user authentication.
Configuration instructions
Advanced topics
Authorization
Authorization is the process of determining what roles and permissions a user is entitled to.
In the Code42 platform, authorization includes user management. User management allows the authority server to automatically activate and deactivate users, move users into organizations, and assign roles to users.
In the administration console, authorization is referred to as the directory service.
You can use either of the following authorization methods:
- Local Code42 platform directory
- LDAP
LDAP
You can connect Code42 to your directory service using LDAP. Once connected, updates to the directory automatically create, update, and delete users in your Code42 environment. You can configure LDAP to authenticate users as well.
Introduction and Overview
Configuration instructions
Still unsure?
Please contact sales for information on our consulting options.