User authentication login methods overview (Enhanced login)¶
Note
Lightrun version 1.50 introduced enhanced login features designed to improve security, simplify administrative workflows, and enhance the user experience. To enable these features, upgrade to version 1.50 or later and activate the enhanced login experience. For more information, see Enhanced Login experience guide.
To debug using the Lightrun plugin, users in your organization must first be registered in the Lightrun Management Portal and authenticate against the Lightrun server. Administrators must configure a login method to define how users authenticate, along with a provisioning method to control user registration in the Lightrun Management Portal. For information on provisioning users in Lightrun, see Provisioning users in Lightrun overview.
Lightrun supported login methods¶
Lightrun supports a multitude of industry-standard login methods to ensure both security and convenience for its users. The supported methods include:
User-defined password login¶
This method allows users to create a unique password to secure their accounts, offering a straightforward and familiar authentication method. This requires users to manage their credentials responsibly, including creating strong passwords. In addition, the default password policy provides an extra level of security.
On-premise deployments only
In on-premise deployments without an SMTP service, administrators can manually generate a password link and send it directly to users. For more information, see Password login without an SMTP service.
Google login¶
This method allows users to log in securely using their existing Google accounts, leveraging OAuth 2.0 for robust authentication. By using Google as an identity provider, this approach eliminates the need for users to manage separate credentials for Lightrun. It enhances security by incorporating Google's advanced protective measures, such as two-factor authentication (2FA) and account recovery options. Additionally, this method streamlines the login process, reducing friction for end users while maintaining enterprise-grade security standards.
The most common way to work with Google login is in combination with self-service, allowing users to sign up using their Google accounts. In such cases, customers have the option to control the domains from which users can sign up, offering further flexibility and security for user management.
SSO (Single Sign-On)¶
This method enables members of your organization to log in to Lightrun using credentials stored in Identity Providers (IdPs) like Okta or Microsoft Entra ID (formerly Azure AD). SSO streamlines authentication by providing a centralized login process, reducing the need for multiple passwords across applications. It also enhances security by consolidating access management through a single, trusted system. For more information, see Lightrun Single Sign-On (SSO).
Set the login method for your organization¶
- In the Lightrun Management Portal, select Settings.
- Navigate to Identity and Access Management > Identity Configuration > Identity Configuration page.
- From the Login methods list, select your preferred login method:
- Password
- Single Sign-on (SSO)