DPA user authentication options

DPA supports Active Directory (AD) and Lightweight Directory Access Protocol (LDAP) authentication. Using your existing authentication infrastructure eliminates the need to duplicate your user accounts in DPA. After you configure AD or LDAP authentication, users can log in with their domain account or a custom user account created by DPA.

AD user authentication

DPA integrates with Windows Active Directory (AD). DPA uses the security group information from AD to assign permissions to groups. To configure DPA user authentication and permissions using AD, see Configure Active Directory or LDAP.

If your repository database is Azure SQL and you are monitoring one or more Azure SQL databases, you can use Azure AD authentication in DPA. To configure DPA user authentication and permissions using Azure AD, see Use Azure AD authentication in DPA.

LDAP user authentication

DPA integrates with most LDAP implementations to assign permissions to groups. To configure DPA user authentication and permissions using LDAP, see Configure Active Directory or LDAP.

Single sign-on

Using single sign-on (SSO), your AD users can log in to DPA without re-entering the domain credentials they used to log in to their operating system. Before you configure DPA for SSO, configure DPA for AD authentication.

Common Access Cards

You can use a Common Access Card (CAC) to log in to Windows and DPA. Before using a CAC, configure DPA for AD, and then for SSO as described in the sections above.