> For the complete documentation index, see [llms.txt](https://docs.devolutions.net/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://docs.devolutions.net/server/web-interface/administration/configuration/server-settings/general/authentication.md).

# Authentication

{% hint style="warning" %}
The SQL authentication will be enabled after the migration. It will however not be possible to create users with that authentication type. The goal is only to support the migration and it is advised to disable the SQL authentication once all users are migrated.
{% endhint %}

The Authentication section allows the administrator to select which authentication types can be used to connect on Devolutions Server.

![](https://cdnweb.devolutions.net/docs/DVLS4252_2026_1.png)

### Settings

#### Authentication modes

{% hint style="info" %}
The machine hosting Devolutions Server must be joined to the configured domain for Windows Authentication to work.
{% endhint %}

<table><thead><tr><th width="358">Option</th><th>Description</th></tr></thead><tbody><tr><td><strong>Authenticate with domain user</strong></td><td>The domain is used to authenticate the user.</td></tr><tr><td><strong>Authenticate with Microsoft user</strong></td><td>AzureAD is used to authenticate the user.</td></tr><tr><td><strong>Authenticate with Okta user</strong></td><td>Okta is used to authenticate the user.</td></tr><tr><td><strong>Authenticate with PingOne user</strong></td><td>PingOne is used to authenticate the user.</td></tr><tr><td><strong>Authenticate with</strong> <strong>Devolutions Server</strong> <strong>user</strong></td><td>The Devolutions Server is used to authenticate the user. You must create the initial user through the Devolutions Server Console.</td></tr><tr><td><strong>Authenticate with contractor user</strong></td><td>Allow authentication with a contractor user, i.e., a temporary user with limited access rights and UI options.</td></tr><tr><td><strong>Primary authentication method</strong></td><td>By selecting a primary authentication method, users who do not already have a personalized choice of authentication type for the login page will be automatically directed to the chosen method.</td></tr><tr><td><strong>Domain single sign-on (SSO)</strong></td><td><a href="https://docs.devolutions.net/server/kb/how-to-articles/configure-windows-authentication/">Domain single sign-on (SSO)</a> requires further configuration on your IIS server.</td></tr><tr><td><strong>Enable Emergency Code authentication</strong></td><td>The application will send an email that contains an emergency code to authenticate if any of the above authentication methods are not working. The <a href="https://docs.devolutions.net/server/web-interface/administration/configuration/server-settings/general/email/">Email</a> setting is required for this option to work.</td></tr></tbody></table>

#### Configuration

<table><thead><tr><th width="234">Option</th><th>Description</th></tr></thead><tbody><tr><td><strong>Domain</strong></td><td>Configure the <a href="https://docs.devolutions.net/server/web-interface/administration/configuration/server-settings/general/authentication/domain/">Domain</a> type.</td></tr><tr><td><strong>Microsoft Authentication</strong></td><td>Configure the <a href="https://docs.devolutions.net/server/web-interface/administration/configuration/server-settings/general/authentication/office-365/">Office365</a> type.</td></tr><tr><td><strong>Okta Authentication</strong></td><td>Configure the <a href="https://docs.devolutions.net/server/kb/how-to-articles/okta-configuration/">Okta</a> type.</td></tr><tr><td><strong>PingOne Authentication</strong></td><td>Configure the <a href="https://docs.devolutions.net/server/web-interface/administration/configuration/server-settings/general/authentication/pingone/">PingOne</a> type.</td></tr><tr><td><strong>Authentication migration</strong></td><td>Migrate the authentication method of the existing user account to another authentication method or another domain in Active Directory or Azure Active Directory.</td></tr></tbody></table>

#### See also

* [Devolutions Academy – Importing users in Devolutions Server](https://academy.devolutions.net/student/path/2628397/activity/4280879)


---

# Agent Instructions
This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com.

## Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter, and the optional `goal` query parameter:

```
GET https://docs.devolutions.net/server/web-interface/administration/configuration/server-settings/general/authentication.md?ask=<question>&goal=<endgoal>
```

`ask` is the immediate question: it should be specific, self-contained, and written in natural language.
`goal` is optional and describes the broader end goal you are ultimately trying to accomplish on behalf of the user. GitBook uses it to tailor the answer towards what is most useful for that goal.

The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.