Authentication and Authorization

In A10 Control, Organization Admins are responsible for creating user accounts and managing authentication and authorization settings within the organization’s account.

By default, both user authentication and authorization are managed locally within A10 Control. In this local mode, user credentials, session data, and access privileges are stored and managed locally in A10 Control.

A10 Control also supports remote authentication and authorization through integration with:

• External identity providers such as Okta and Azure Active Directory (Azure AD)
• Directory services accessed via LDAP and LDAPS
• Terminal-based authentication using TACACS+

Table 36 : Supported Authentication Protocols and Types

Parameter	Description
Protocols - Defines how the communication or authentication happens.
LDAP	Lightweight Directory Access Protocol
LDAPS	LDAP over SSL/TLS (secure LDAP)
OIDC	OpenID Connect (built on OAuth 2.0)
TACACS+	Terminal Access Controller Access-Control System Plus
Authentication Types - Defines where/how the user is authenticated.
Local	Authentication happens directly on the local device/system.
Remote	Authentication is managed by an external identity provider or directory. Identity Provider examples: Okta - Common IDP for enterprise SSO Azure AD - Microsoft Azure Active Directory
MFA	Multi-Factor Authentication (an additional security layer which can be used with remote authentication).
Authorization Models - Defines user permissions based on roles.
RBAC	Role-Based Access Control.

See also

• Local Authentication and Authorization
• Remote Authentication and Authorization