The Authentication section allows the administrator to select which authentication types will be used to connect on Devolutions Server.

Adminsitration – Server Settings – Authentication
Adminsitration – Server Settings – Authentication


Authentication Modes

The machine hosting Devolutions Server must be joined to the configured domain for Windows Authentication to work.

Option Description
Authenticate with domain user The domain is used to authenticate the user.
Authenticate with Microsoft user AzureAD is used to authenticate the user.
Authenticate with Okta user Okta is used to authenticate the user.
Authenticate with PingOne user PingOne is used to authenticate the user.
Authenticate with Devolutions Server user The Devolutions Server is used to authenticate the user. You must create the initial user through the Devolutions Server Console.
Primary authentication method By selecting a primary authentication method, users who do not already have a personalized choice of authentication type for the login page will be automatically directed to the chosen method.
Domain single sign-on (SSO) Domain single sign-on (SSO) requires further configuration on your IIS server.
Enable Emergency Code authentication The application will send an email that contains an emergency code to authenticate if any of the above authentication methods are not working. The Email setting is required for this option to work.


Option Description
Domain Configure the Domain type.
Microsoft Authentication Configure the Office365 type.
Okta Authentication Configure the Okta type.
PingOne Authentication Configure the PingOne type.
Authentication migration Migrate the authentication method of the existing user account to another authentication method or another domain in Active Directory or Azure Active Directory.
Give us Feedback