Authentication and Keys

You can use the Authentication and Keys page to allow on-premise customers to use credentials issued by an IdP that supports SAML 2.0 to log into
Clarity
. You can also use key-based authentication to generate a personal API key for a specific client based on a user's SSO credentials, access rights, and status settings.
2
Configuring
Clarity
to Support SAML 2.0
Clarity
allows on-premise customers to use the credentials issued by an IdP - that supports SAML 2.0 - and log into
Clarity
.
Some key advantages of using SAML-based SSO login are:
  • Seamless integration between networks and environments: All users can move easily between your organization's intranet and
    Clarity
    .
  • Simplified password management: No need to manage user passwords separately from
    Clarity
    , because your existing user management system handles password management.
  • Simplified Certificate management: Use
    Clarity
    to manage various security certificates.
To learn more about SAML authentication, see Configuring Clarity to Support SAML 2.0.
Key-Based Authentication
Key-based authentication uses a personal API key that is generated for a specific client based on a user's SSO credentials, access rights, and status settings. Key authentication eliminates the need to generate and pass credentials or tokens for every session. Use key authentication in the following scenarios:
  • You want to integrate data between
    Clarity
    and other client applications. Integration architectures can allow users to authenticate through the REST API and accomplish certain
    Clarity
    actions without going into the user interface.
  • Your
    Clarity
    instance is using SSO for authentication.
For example,
Rally
integration could make webhook calls to read
Clarity
project data personalized for the current user. For project managers, third-party integration could read and update resource allocation data in
Clarity
based on external application triggers such as other users updating a JIRA Kanban board.
To learn more about key-based authentication, see REST API Authentication.