User Accounts & Identity Services
Agility Blue Identity Services is a collection of tools and services designed to manage and maintain user accounts and resource identities that need access to Agility Blue’s protected resources.
Typically, each person has one Agility Blue identity account, though there may be multiple ways to log into that account, depending on how your organization is set up.
There are two primary types of authentication methods available in Agility Blue:
Local Authentication (Username and Password)
External Authentication (Single Sign-On)
Local Authentication (Username and Password)
Local authentication follows the traditional username and password model to access Agility Blue.
Every Agility Blue account supports local authentication by default, though this can be disabled for enterprise instances by contacting support.
Users can optionally enable two-factor authentication (2FA) for added security when using this login method.
External Authentication (Single Sign-On)
External authentication allows users to log in using credentials from a third-party identity provider (IdP), such as:
Microsoft® Includes Azure Entra (formerly known as Azure Active Directory or AAD) and Microsoft 365 accounts using Microsoft’s OpenID implementation.
Google® Uses Google’s OAuth2 implementation.
SAML2 (Enterprise subscriptions only)
To support implementations not listed above, such as Okta® or OneLogin®
This process is commonly referred to as Single Sign-On (SSO).
Heads Up!
Before a user can log in with an external provider, the external identity must first be linked to the user’s Agility Blue account. External accounts can automatically be linked if it matches the same Agility Blue account email address.
Comparison of Authentication Methods
The table below highlights the key differences between Local Authentication (Username and Password) and External Authentication (Single Sign-On) in Agility Blue:
Feature | Local Authentication | External Authentication (SSO) |
|---|---|---|
Login Credentials | Username + Password | Credentials from a third-party provider (Google, Microsoft, etc.) |
Availability | Available to all Agility Blue accounts | Available only if linked to an Agility Blue account |
Two-Factor Authentication | Supported | Managed by the external provider |
Password Management | Managed within Agility Blue | Managed by the external provider |
Account Recovery | Handled by Agility Blue | Handled by the external provider |
Convenience | Requires separate Agility Blue credentials | Allows use of existing work or personal credentials |
Security | Optional 2FA for added protection | Inherits security policies from the external provider |
Single Sign-On Support | ❌ | ✅ |
Summary
Use Local Authentication if you want to fully manage user credentials and control password policies directly within Agility Blue.
Use External Authentication (SSO) to allow users to log in with credentials they already use for other services, reducing the need to remember multiple passwords and improving the user experience.