Introduction to IWA

Integrated Windows Authentication (IWA) is a popular authentication mechanism used to authenticate users on Microsoft Windows servers.

It is a mechanism used by Microsoft Windows NT-based operating systems to authenticate their users to web applications. This is an easy method for users to log in to web applications that use Windows Active Directory as a user store.

This authentication mechanism does not use traditional form-based authentication, where the users must enter credentials in a form. Instead, it uses a browser-based authentication, where the web browser handles the authentication.

In the browser-based authentication method, the browser obtains the user credentials of the logged-in user. It authenticates the user with the help of the Windows server and the active directory.

Benefits of IWA

1. Once a user logs into the Windows domain they can automatically log in to IWA enabled web application within the same domain.
2. Using IWA is secure because IWA uses a hash function and a challenge-response to authenticate the users.

Disadvantages of IWA

1. The client should always be in the same domain as the server. IWA is functional only within the Intranet.
2. For some web browsers (ex: Mozilla Firefox), IWA requires extra configurations.

Enable Integrated Windows Authentication on the browser:

Add the IWA URL in browser settings: