TABLE OF CONTENTS
- Portal Authentication Overview
- How Portal Authentication Works
- Accessing the Portal Authentication Rule Editor
- Portal Authentication Rule Layout
- Configuration Settings
- Creating a Portal Authentication Rule
- Editing the Content of the Authentication Page
- Setting Up Windows/Azure Authentication
- Further Support
Portal Authentication Overview
Portal authentication is a network access control mechanism requiring users to verify their identity through a web portal before accessing ManagementStudio resources. This built-in feature helps prevent unauthorised access, allowing administrators to control and monitor who is able to access sensitive data.
How Portal Authentication Works
When enabled, portal authentication prompts users with a login page requiring credentials (such as username and password, or a one-time access code). These credentials are validated against an authentication server. Access is granted if the credentials are valid; otherwise, access is denied, and the user may be asked to re-enter their details.
Accessing the Portal Authentication Rule Editor
To create or edit portal authentication rules:
- Navigate to
Administration → Portal Settings. - Select either
New Wrapperor an existing wrapper. - Scroll down to the
Authenticationpanel. - Click
Newto add a new authentication rule.
Portal Authentication Rule Layout
| UI Element | Description |
|---|---|
| Rule Label | The label displayed in the authentication selection dropdown. |
| This page requires authentication | Requires users to be authenticated in ManagementStudio/AD/Azure to access the page. Disabling this allows open access to anyone with the URL. |
| Show Help | Provides additional information on the configuration options. |
Authentication Levels
- Grid User with AD/Azure Login: Users present in AD and/or Azure who must also be in the User Migrations Grid.
- ManagementStudio Login: Standard ManagementStudio user accounts.
- AD or Azure Login: Users in AD and/or Azure not necessarily present in the User Migrations Grid.
Authentication Types
- Native MS Auth: Authenticates using ManagementStudio username and password.
- Local AD Auth: Authenticates using credentials from the local Active Directory domain.
- Azure AD Auth: Authenticates using a configured Azure Active Directory domain.
- One-Time-Pass: Authenticates via an automatically generated numeric code.
Only available for users listed in the grid and domain users. The user’s email address must be present in the system.
Note: Only one authentication level may be selected at a time.
Configuration Settings
The following table summarises available authentication types by authentication level:
| Authentication Level | Authentication Types | Example |
|---|---|---|
| Grid User with AD/Azure Login | Local AD Auth, Azure AD Auth, One-Time-Passcode |  |
| ManagementStudio Login | Local AD Auth, Azure AD Auth, Native MS Auth |  |
| AD or Azure Login | Local AD Auth, Azure AD Auth |  |
Creating a Portal Authentication Rule
To add a new authentication rule:
- Navigate to
Administration → Portal Settings. - Select either
New Wrapperor an existing wrapper. - Scroll to the
Authenticationpanel. - Click
New. - In the rule editor:
- Enter a meaningful name for the authentication rule.
- Enable the checkbox
This page requires authentication. - Select the desired authentication type and level.
- Optionally, add further restrictions by Blueprint Id, Blueprint Folder Id, DeployUnit Id, or Role Group Id (see below).
- To add restrictions, click
Click here to add new item. - Click
Saveto apply changes.
| Restriction Type | Authentication Type |
|---|---|
| Role Group | ManagementStudio Login |
| Blueprint/Deployment Unit (DU) | User Grid w/AD or Azure Login |
Editing the Content of the Authentication Page
Login page content can be customised via the authentication settings in each wrapper. Most elements are editable.
To customise the authentication page:
- Navigate to
Administration → Portal Settings. - Select either
New Wrapperor an existing wrapper. - Scroll to the
Authenticationpanel. - Click
Newto create orEditto modify an existing rule. - Scroll to the
Customise the Multi-Auth Log in Pagepanel.
| UI Element | Description |
|---|---|
| Header Block | HTML content shown at the top of the page. |
| SubHeader Block | HTML subheader content at the top of the page. |
| Footer Block | HTML content shown at the bottom of the page. |
| Disable the 'Authentication required. Please choose from the authentication options below' message | Hides the default message below the subheader. |
| Native Auth Block | Custom message for the ManagementStudio (Native MS Auth) authentication type. |
| Native Auth Button Label | Text for the ManagementStudio login button. |
| AD Auth Block | Custom message for Local AD Auth type. |
| AD Auth Button Label | Text for the Windows authentication button. |
| Azure Auth Block | Custom message for Azure AD Auth type. |
| Azure Auth Button Label | Text for the Azure AD authentication button. |
| OTP Auth Block | Custom message for the One-Time-Pass authentication type. |
| OTP Auth Button Label | Text for the OTP authentication button. |
| Allow users without access to sign-up and request access | Enables self-service access request via a portal form. |
| Sign-Up Portal Form Id | ID of the custom portal form used to request access (must be pre-created). |
| Sign-Up Block | Description or instructions shown to users during sign-up. |
| Sign-Up Button Label | Text displayed on the sign-up button. |
Setting Up Windows/Azure Authentication
To enable Windows Authentication:
- Install the Windows Authentication role service.
- Enable Windows Authentication for the ManagementStudio website.
Refer to the following article for detailed setup instructions:
How to Allow Portal Login
Further Support
For additional help, visit the ManagementStudio Service Desk to search the knowledge base or raise a support ticket.
Was this article helpful?
That’s Great!
Thank you for your feedback
Sorry! We couldn't be helpful
Thank you for your feedback
Feedback sent
We appreciate your effort and will try to fix the article