I am tasked with preparing my organisation to take your platform. I need some details about how users logon.
Our platforms utilise modern cloud-based technologies to ensure that a user is authorised and authenticated. Once you have 'on boarded' your user in the platform, then you can take advantage of federated authentication.
We support Microsoft Azure (often known as Work & School accounts) as well as Google logins (which can additionally support customers using the GCP authentication platform).
These logon technologies utilise OAuth2 tokens and Claims. They can also support Multi-Factor Authentication (MFA) and Single Sign-On (SSO) where supported on the device.
For a large organisation with an Active Directory (AD) environment, by linking that AD to Azure Active Directory (AAD), perhaps with the Active Directory Federation Services (ADFS) service, so that full organisational integration can be achieved. Other Customers will be cloud-only, so those user accounts are only provisioned within a cloud-based 'console'. How much you integrate is up to you.
Note that we expect devices to be protected at the organisational level with a suitable device management platform (MDM). Platforms such as Microsoft Intune or Blackberry BES spring to mind.
It is a good idea to implement 'Zero Trust' principles to your cloud-first IT provisioning. With the support of our platforms, by using modern authentication technologies we help you toward achieving Zero Trust.