• Windows Authentication: when the WebMap server can directly access the domain controller. Users are authenticated by Windows and IIS. Users and group memberships are managed by Active Directory.
• OpenID Authentication: when domain usernames and passwords are required, but WebMap is hosted remotely. Communication with the domain controller is through Identity Server.
• Identity Authentication: when custom security is required or the domain controller cannot be reached. Also known as Forms Authentication.

Token Options

JSON web tokens (JWT) are provided by the Microsoft Entra service and allows the user access to specific services and resources.

FIELD	DESCRIPTION
Valid Issuer	Entity that issued the token.
Valid Audience	Contains a list of acceptable audience claims that can be present on the token.
Issuer Signing Key	Base64-encoded security keys used to validate signed tokens.
Token Lifespan	Time in minutes during which access tokens remain active.

---