Authentication methods overview

The authentication method you choose for your community depends on the required balance between user security and convenience.

You have several options for user authentication with Jive for Office. The method you choose depends on your security requirements and user convenience. The best practice is OAuth because, for most users, this method will integrate most securely and seamlessly with an existing SSO implementation. However, the following descriptions provide further information about each method so you can select the best method for your community. For more information about how to set the authentication method, see Setting up authentication method.

Basic authentication

With basic authentication, credentials are saved locally and passed in Base64 format with each HTTP request. The credentials only need to be provided once. This method is the least secure.

Session-based authentication

Session-based authentication saves credentials by using cookies, which expire according to the policy you set in Jive or in your SSO implementation. Session-based authentication is much more secure than basic authentication but can require users to provide credentials frequently.

OAuth authentication

OAuth provides a process for client users to authorize third-party access to their server resources without sharing their credentials (typically, a username and password pair), by using user-agent redirections. In Jive for Office, this means that user credential information is secured within Jive, and then persisted in a token that can be refreshed for a specified period of time. The default setting is one year. If necessary, the token can be expired manually at any time by the client user using the Desktop Applications tab of the user's Preferences page (accessed from the menu under the user's name). This method best balances security and convenience and is used by default.