Authentication Service Overview¶
The Authentication Service is a foundational component of the Sidra Data Platform. It is responsible for managing secure user sign-in, session lifecycle, and federated identity integration across all Sidra services and Data Products.
Sidra's authentication layer is built on Keycloak, an open-source identity and access management system that supports industry standards such as OpenID Connect (OIDC) and OAuth 2.0. This ensures compatibility with modern authentication flows and simplifies integration with enterprise environments.
Through its integration with Azure Active Directory (AAD), the Authentication Service supports Single Sign-On (SSO), allowing users to authenticate once with their organizational credentials and gain access to the Sidra Core and any associated Data Products without re-authentication.
In addition to providing a seamless user experience, the Authentication Service enables organizations to enforce centralized security policies. It supports configuration options such as:
- Multi-Factor Authentication (MFA)
- Custom identity providers
- Granular session control policies
This centralized and extensible approach reduces the complexity of managing identity and access across environments, while strengthening the overall security and compliance posture of the Sidra platform.