External Security
Note
We recommend that you configure MarkLogic Server to authenticate through external security. Moving the authentication process to an external system makes it more difficult for threat actors to access MarkLogic Server.
MarkLogic Server allows you to authenticate user credentials through these external agents:
Certificate Authorities
Kerberos Servers
LDAP Servers
SAML Identity Providers
OAuth Identity Providers
External agents are third-party systems that serve as centralized points of authentication, authorization, or both. You can configure MarkLogic Server and your app servers to authenticate through any number of these external agents. Meanwhile, a user needs to successfully authenticate through only one of them to gain access. That external agent then provides the user information that MarkLogic Server needs to authorize that user, either internally or externally.