User management and authentication
Convenient contact management and automatic login
Use your directory services and rights assignments via the LDAP application protocol. Conveniently authenticate yourself via the network protocol Kerberos, OAuth 2.0/OpenID Connect, SAML, two-factor authentication using TOTP or passkeys.
User administration
As a directory service, Projektron BCS can work with other programs that query user data via the application protocol LDAP. Whether login data for same sign-on or data on groups of people for assigning rights in the file system – the required data can easily be reused.
The reverse is also possible: you can import data that is stored in other directory services, e.g. in Microsoft Active Directory, into Projektron BCS via the LDAP application protocol. Projektron BCS offers various mapping functions for this. You can also have data that has already been imported automatically updated.
Authentication methods
Various secure methods are available in Projektron BCS for authentication:
- User account with password: The standard method, in which the user name and password are securely managed in Projektron BCS.
- LDAP authentication: Enables central management and authentication via LDAP-based directory services.
- Kerberos: A ticket-based network protocol that allows authentication without transmitting passwords.
- OAuth 2.0 / OpenID Connect: These modern, token-based protocols offer secure authentication to external services such as Microsoft Entra ID or Keycloak.
- SAML: Supports authentication via external identity providers and enables single sign-on (SSO) for a unified login to multiple systems.
- Two-factor authentication (2FA) using TOTP: This method shares a secret between the BCS server and smartphone to generate a 6-digit code using a time-based hash. This code is entered in addition to the password during login to secure authentication. Users can activate this option directly in their user account.
Passkeys
In addition to the authentication methods described, Projektron BCS also offers an innovative and secure alternative to classic password login via Passkeys. This password-free authentication method uses strong, cryptographic key pairs based on open standards such as FIDO2 and WebAuthn. Passkeys not only offer the highest level of phishing protection because they are tied to specific domains, but also enable smooth login without entering usernames or passwords. The user experience is significantly enhanced, while at the same time the administrative burden of password management is eliminated. Passkeys save you time, increase security, and make the login process more user-friendly and efficient.
