Central Authentication Server (CAS) Overview
The Central Authentication Server (CAS) establishes and manages the trust relationships among Vuforia products participating in the single sign-on (SSO) framework. Acting as a broker, the CAS facilitates secure interactions between applications by authorizing user logins post-authentication and by issuing and validating access tokens exchanged between service providers and resource servers.
Deployment Considerations for CAS
When deploying a CAS, consider the following best practices to ensure a secure and reliable SSO environment:
• Session Duration Alignment—Review the maximum validity period for user login sessions. Evaluate whether consistent session durations should be enforced across all applications integrated into your SSO solution.
• Time Skew Tolerance—Ensure that all participating systems operate within an acceptable time skew tolerance. Discrepancies in system clocks that exceed the configured skew threshold may result in authentication failures and configuration errors.
Supported Authentication Flows
Vuforia products enabled for SSO support the following authentication flows, leveraging standard protocols: