|Summary||A client supplies an external user ID and password to a SAS server. The SAS server passes the credentials to its host for authentication.1|
|Benefits||No configuration is required. Can enable users to log on to SAS applications with the same credentials that they use in your general computing environment.|
|1 Another form of host authentication, Integrated Windows authentication (IWA), is documented separately.|
The following figure shows one example of how this mechanism works:
Host Authentication (credential-based)
The numbers in the figure correspond to these actions:
The client obtains the user's ID and password (interactively or through credential management). The client sends those credentials to the target server.
The server passes the credentials to its host for authentication.
The host passes the credentials to its authentication provider.
After verifying that the user ID and password correspond to a valid account, the host's authentication provider returns the user's ID to the host.
The host returns the user's ID to the SAS server.
The server accepts the client connection.