Understanding the Authentication Process

The Analytics Security Provider is a single sign-on solution for FactoryTalk Analytics applications. Applications point to this server and are also secured by this server. The open protocol standard OpenID Connect is used to secure your applications. Web browsers redirect a user's browser from the application to the Analytics Security Provider authentication server. Here, the User will enter their credentials. Users are completely isolated from the applications and the applications will never see any User's credentials which protects against stolen IDs and passwords. Instead, identity tokens that are cryptographically signed are given to the applications. They can have identity information like username, email, and other profile data. Additionally, the tokens may hold permission data so that applications can make authorization decisions.