You can define Single Sign-On, SSO, to a CTERA Portal either in Active Directory using the Kerberos protocol or using an external identity provider providing support for Security Assertion Markup Language, SAML 2.0.

When SSO is enabled on the portal, users' passwords are not stored on CTERA Portal.

When both types of SSO are defined, when a user opens the CTERA Agent, Active Directory using the Kerberos protocol, is used to access the portal.