Valid Credentials
When authentication is required, requests must have a valid MashZone NextGen session for an existing authenticated user or must supply either user credentials or digital certificate for authentication or an SSO token or ticket for a user that has been authenticated by the SSO solution. MashZone NextGen uses certificates, tokens or tickets to obtain the user’s identity.
MashZone NextGen supports the following mechanisms to obtain user credentials or user IDs:
Basic authentication using username and passwords. This is authenticated against the
MashZone NextGen User Repository which may be a database or your LDAP Directory. See
Use the Default
MashZone NextGen
User Repository for more information.
Note: This is the only mechanism for obtaining user credentials that is supported by the MashZone NextGen Mobile apps.
Single Sign-On (SSO) solutions which are configurable. With SSO enabled,
MashZone NextGen delegates authentication to the SSO solution. Typically, configuration identifies an SSO token, ticket or cookie that
MashZone NextGen uses to verify authentication with the SSO solution and to obtain the user ID. See
Authentication with Single Sign-On Solutions for more information.
If an authenticated request has no
MashZone NextGen session,
MashZone NextGen starts a new session and generates a
MashZone NextGen session cookie. See
Sessions and Timeouts for more information.