About fallback from federated authentication

Overview

Fallback from federated authentication allows users to login to Blueprint using a username and password in addition to federated authentication. Blueprint supports both database and Windows (that is, LDAP) authentication when authenticating a user in fallback mode.

Tip: We recommend that at least one instance administrator has this option enabled. If your federated authentication fails for any reason (example: expired certificate), this user will be able to login to Blueprint with a username and password to fix the issue.

Any number of users can be configured for fallback. When federated authentication is enabled, all users (by default) are enabled for fallback authentication. However, the user cannot login to Blueprint using the fallback method unless a password is configured for the user. When fallback is enabled, a password must be explicitly set for the user.

How do I enable 'fallback from federated authentication'?

This option can be enabled and disabled on the Users tab in the Instance Administration Console. The setting is called Allow fallback from federated authentication. This setting must be configured for each user.

The fallback authentication only appears as a option for users when federated authentication is enabled.

Learn More

About federated authentication

Managing users