Blindata offers various authentication methods to secure access to your data platform, depending on your deployment type: SaaS, on-premise, or dedicated instances.

SaaS Deployment

For SaaS deployments, Blindata provides the following built-in authentication options:

• Basic Username and Password: This is the most common authentication method, where users create credentials within Blindata to access the platform.
• Microsoft Entra Sign-In: (Formerly Azure AD) Integrate seamlessly with your existing Microsoft environment, allowing users to leverage their familiar Microsoft credentials for secure and convenient access.
• Google Workspace Sign-In: Enable users to sign in using their Google Workspace accounts, simplifying login management and enhancing user experience for organizations utilizing Google Workspace.

These pre-configured options offer a quick and secure way to manage user access within the SaaS environment.

On-Premise and Dedicated Instances

In addition to the previously discussed methods, Blindata offers integration with your preferred OpenID Connect (OIDC) provider, allowing users to log in using their existing credentials from that provider. This provides flexibility and centralized authentication for on-premise and dedicated deployments.

Blindata supports two common OIDC grant flows for custom OIDC provider integration:

• Implicit Flow: This simplified flow directly returns an access token to the browser after successful user authentication. While convenient, it’s generally considered less secure due to the exposure of the access token within the browser’s address bar. (Security Note: Due to security concerns, this flow is being discouraged by modern OIDC implementations.)
• Authorization Code Flow: This more secure flow involves an intermediate authorization code. The browser receives the code after user authentication, and Blindata exchanges this code with the OIDC provider for an id token on the server-side.