AuthLink Authentication Workflow

In this type of authentication, a user's login credentials are authenticated against an external authorization server that operates according to Jacada Interact's security specification. An implementation of this authentication type, using LDAP authentication, is provided out-of-the-box.

In AuthLink authentication, the Interaction Server does not communicate directly with the LDAP server, and authentication credentials are not sent to the Interaction Server. Instead, an AuthLink server is used as a intermediary to pass user credentials to the LDAP server, and generate an access token upon successful authentication.

When users are working with the standalone Agent Application, the AuthLink authentication process is triggered according to the Requires Login setting defined in the Admin Console:

Login required: Users need to provide credentials (via the Login page) in order to access the application. For details, refer to Server Access Authentication Flow.

Login not required: Users need to provide credentials (via the Login page) only if they wish to access secured Interactions. For details, refer to Secured Interaction Authentication Flow.

tog_minusServer Access Authentication Flow

In this setup, users are required to login to the application itself. Once authenticated, they do not need to provide credentials to access secured Interactions (unless the access token has expired).

The server access authentication flow involves 4 phases, which are presented in the following diagram.

Server Access Authentication Flow

Phase

Process

1

The user enters the access URL in the browser, and is presented with the Login page. The user then logs in against the LDAP server. Credentials are sent to the LDAP server via the AuthLink Server.

2

Upon successful authentication, an access token is generated and sent to the Interaction Server, via the AuthLink Server. The access token is saved for future use.

3

The user requests access to a secured Interaction. The access token is validated against the AuthLink Server.

4

Upon successful validation, an instance of the secured Interaction is created, and the first page is loaded to the Agent Application.
tog_minusSecured Interaction Authentication Flow

In this setup, users are required to login only to access secured Interactions. Once authenticated, they do not need to provide credentials to access additional secured Interactions (unless the access token has expired).

The secured Interaction authentication flow involves 4 phases, which are presented in the following diagram.

Secured Interaction Authentication Flow

Phase

Process

1

The user requests access to a secured Interaction, and is redirected to the Login page.

2

The user logs in against the LDAP server. Credentials are sent to the LDAP server via the AuthLink Server. Upon successful authentication, an access token is generated and sent to the Interaction Server, via the AuthLink Server.

3

The access token is validated against the AuthLink Server.

4

Upon successful validation, an instance of the secured Interaction is created, and the first page is loaded to the Agent Application.