Your authentication method will depend on the required balance
between user security and convenience.
You have several options for user authentication with Jive for Outlook.
The best practice is oAuth, because for most users,
this method will integrate most securely and seamlessly with an
existing SSO implementation. However, the following descriptions provide further information
about each method so you can select the best method for your community. For details on
configuration, see Setting an Authentication Method.
Basic Authentication
With basic authentication, credentials are saved
locally and passed in Base64 format with each http request. This method is the most convenient
(because credentials only need to be provided once), but the least secure.
Session-Based Authentication
Session-based authentication saves
credentials using a cookie, which expires according to the policy you set in Jive or in your
SSO implementation. Session-based authentication is much more secure than basic
authentication, but can require users to provide credentials frequently.
oAuth
OAuth provides a process for client users to authorize third-party
access to their server resources without sharing their credentials (typically, a username and
password pair), using user-agent redirections. In Jive for Outlook, this means that user
credential information is secured within Jive, and then persisted in a token that can be
refreshed for a specified period of time--the default setting is one year. If necessary, the
token can be expired manually at any time by the client user using the Office tab of the
user's Preferences page (accessed from the menu under the user's name). This method best
balances security and convenience.