Authentication provider type

Authentication Provider Types are types of authentication flows that the system can be configured to allow users to authenticate. Authentication Provider Types cannot be added or removed from a system, but they can be enabled or disabled.

You can programmatically interact with authentication providers using the IAuthProviderTypeManager interface. You can also use the Auth Provider Type Manager REST service for cross-platfrom and browser-based applications.

This page contains the following information:

See these related pages:

Authentication provider type fundamentals

Before programmatically interacting with authentication provider types, familiarize yourself with the Relativity authentication provider user interface and review the information in the Relativity Documentation site. Note there is a strong correlation between the API operations and object properties and the user interface elements.

Use these guidelines when working with authentication providers:

  • To access the IAuthProviderTypeManager interface, add the Relativity.Services.Interfaces.dll reference to your Visual Studio project. The file can be found in the Relativity SDK. For more information, see Set up your development environment.
  • Wrap the IAuthProviderTypeManager interface proxy in a using block.

Read an authentication provider type

To read an authentication provider type, call the ReadAsync() method of the IAuthProviderTypeManager interface passing it the provider name:

public Task<Relativity.Services.Security.Models.AuthProviderType> GetAuthenticationProviderTypeByName(Relativity.Services.ServiceProxy.ServiceFactory serviceFactory, string name) 
{ 
    using (var authProviderTypeManager = serviceFactory.CreateProxy<Relativity.Services.Security.IAuthProviderTypeManager>()) 
    { 
        return authProviderTypeManager.ReadAsync(name); 
    } 
}

Read all authentication provider types

To read all available authentication provider types, call the ReadAllAsync() method of the IAuthProviderTypeManager interface:

public  Task<IEnumerable<Relativity.Services.Security.Models.AuthProviderType>> GetAllAuthenticationProviderTypes(Relativity.Services.ServiceProxy.ServiceFactory serviceFactory) 
{ 
    using (var authProviderTypeManager = serviceFactory.CreateProxy<Relativity.Services.Security.IAuthProviderTypeManager>()) 
    { 
        return authProviderTypeManager.ReadAllAsync(); 
    } 
}

Update an authentication provider type

To enable an authentication provider type, call the UpdateAsync() method of the IAuthProviderTypeManager interface and pass it the provider name and the enabled parameter:

string providerTypeName = "Password";
bool enabled = true;
using (var authProviderTypeManager = serviceFactory.CreateProxy<Relativity.Services.Security.IAuthProviderTypeManager>())
{
	await authProviderTypeManager.UpdateAsync(providerTypeName, enabled);
}

To disable an authentication provider, call the UpdateAsync() method of the IAuthProviderTypeManager interface and pass it the provider name and the disabled parameter:

Auth Provider Type Manager REST service

The Auth Provider Type Manager service allows you to interact with authentication provider from browser-based and cross-platfrom applications. The service provides the same set of operations as the IAuthProviderTypeManager .NET interface - read, read all, and update.

Read an authentication provider type

To read an authentication provider type, send a POST request to the following Auth Provider Type Manager service URL:

<host>/relativity.rest/api/Relativity.Services.Security.ISecurityModule/Auth%20Provider%20Type%20Manager/ReadAsync

Sample JSON request payload:

{
  "Name": "Password"
}

Sample JSON response payload:

{
  "Name": "Password",
  "Type": "Local",
  "Description": "Authenticate using an e-mail address and a password.",
  "IsEnabled": true
}

Read all authentication provider types

To read all available authentication provider types, send a POST request to the following Auth Provider Type Manager service URL:

<host>/relativity.rest/api/Relativity.Services.Security.ISecurityModule/Auth%20Provider%20Type%20Manager/ReadAllAsync

Sample JSON response payload:

[
  {
    "Name": "Password",
    "Type": "Local",
    "Description": "Authenticate using an e-mail address and a password.",
    "IsEnabled": true
  },
  {
    "Name": "Integrated Authentication",
    "Type": "External",
    "Description": "Authenticate using integrated Kerberos / NTLM.",
    "IsEnabled": true
  },
  {
    "Name": "Active Directory",
    "Type": "Local",
    "Description": "Authenticate using an e-mail address and an Active Directory password.",
    "IsEnabled": true
  },
  {
    "Name": "Client Certificate",
    "Type": "External",
    "Description": "Authenticate using a client SSL certificate. PIV cards users can authenticate with this mechanism.",
    "IsEnabled": true
  },
  {
    "Name": "RSA",
    "Type": "Local",
    "Description": "Authenticate using an e-mail address and RSA token",
    "IsEnabled": true
  },
  {
    "Name": "OpenID Connect",
    "Type": "External",
    "Description": "Authenticate using an external OpenId Connect provider.",
    "IsEnabled": true
  },
  {
    "Name": "SAML2",
    "Type": "External",
    "Description": "Authenticate using an external SAML2P provider.",
    "IsEnabled": true
  }
]

Update an authentication provider type

To enable an authentication provider type, send a POST request to the following Auth Provider Type Manager service URL:

<host>/relativity.rest/api/Relativity.Services.Security.ISecurityModule/Auth%20Provider%20Type%20Manager/UpdateAsync

The following is a sample JSON request payload for enabling password authentication type:

{
  "Name": "Password",
  "IsEnabled": "True"
}