Authentication

Last Updated: April 07, 2026

A user is a unique representation of an authorized individual or entity, including associated attributes, roles, and access privileges in the system. Only Application Admins can manage users. For more details refer to Automate Users.

During the account creation process, you assign roles to a user. Roles grants specific access to various parts of the platform. For more details refer to Roles.

A user can have one or more authentication methods. An authentication method is a way to verify a user's identity when they access the platform. Vasion supports the following authentication methods:

• Vasion: This method is the default and lets you manually create a local account that uses a username and password. You can create local accounts on the Users page.
• Single sign-on (SSO): This method connects an account to a configured identity provider (IdP) An identity provider (IdP) is a system entity that creates and manages identity information for an organization and can be authenticated by a computer system or network. An IdP is referred to as a security principal in Java and Microsoft documentation. An IdP also provides authentication services to relying apps in a federation or distributed network.. You can connect more than one IdP.
• Lightweight Directory Access Protocol (LDAP): This method verifies an account through a directory service that the system admin configured.

The Authentication page shows IdPs configured for your instance.

Vasion supports IdPs with a security assertion markup language (SAML) 2.0 connection, OpenID Connect (OIDC), and Just-in-Time (JIT) provisioning and requires the following:

• Admin or Root Admin role.
• Admin Console access to your SSO provider.
• Full rights to read, add, and register apps with your SSO provider.

Because each provider is different, refer to your provider's documentation for specific configuration details.

About Authentication

Review the following information about authentication methods:

• If you create Vasion local accounts and configure an IdP, users can sign in either by selecting the IdP sign in button or Email Login to use their username and password, unless you turn off their Vasion local authentication method.
• If you create accounts using an IdP connection, you must assign roles to each account.

Configure IdPs in the Vasion Print Admin Console by going to Tools Settings General. When you finish the IdPs populate on the Vasion Automate Authentication page. For more details refer to Identity Providers (IdPs).