Authenticate Users
Authentication is the process of verifying and validating the identity of a user. In other words, knowing that the user is who they claim to be.
The C3 Agentic AI Platform supports two authentication mechanisms: Single sign-on (SSO) using SAML 2.0 and single sign-on using OpenID Connect (OiDC).
OpenID connect single sign-on
The C3 Agentic AI Platform supports OpenID Connect authentication with both the implicit flow and the authorization code flow to any certified OpenID Provider.
Implicit Flow: This flow is typically used for browser-based or mobile applications where the client can directly obtain an ID token and access token from the authorization endpoint without an intermediate authorization code.
Authorization Code Flow: This flow involves an additional step where authorization endpoint issues an authorization code, which is then exchanged for tokens (ID token and access token) at the token endpoint. This flow is suitable for server-side applications where tokens should be securely exchanged.
Refer to the topics Integrate Microsoft Entra ID and OpenID Connect and Okta integration for more details about the configuration steps for the Implicit and Authorization Code flow.
See OpenID Connect Authentication for more information about using OIDC with the C3 Agentic AI Platform.
SAML 2.0 single sign-on
The C3 Agentic AI Platform supports SAML 2.0 Service Provider (SP) and Identity Provider (IdP) initiated Single Sign-On (SSO).
Refer to the topic Authentication Using SAML for details about configuring SAML with the C3 Agentic AI Platform.