User authentication with Active Directory
When an AD user tries to access HCP using a client application that supports Integrated Windows authentication (such as Firefox, Internet Explorer, or Windows Explorer):
- If the user is logged into Windows with a recognized AD user account, HCP accepts the authenticated credentials from the client computer and lets the user access the requested interface by using single sign-on.
- If the user is requesting HCP access with a recognized AD user account that is not the account with which the user is currently logged in to Windows, HCP sends the specified user credentials to AD for authentication. If AD successfully authenticates the user, HCP lets the user access the requested interface.
A recognized AD user account is an AD account for a user who belongs to one or more AD groups with corresponding group accounts in HCP.
NoteTenant administrators can configure individual namespaces not to support single sign-on with HTTP-based interfaces, for example, the HCP Namespace Browser.