# Presentation

#### Based on WALLIX Trustelem

##### SAML - OpenID Connect
[![SAML.png](https://trustelem-doc.wallix.com/uploads/images/gallery/2022-07/scaled-1680-/saml.png)](https://trustelem-doc.wallix.com/uploads/images/gallery/2022-07/saml.png)

##### LDAP - Radius
[![SAML.png](https://trustelem-doc.wallix.com/uploads/images/gallery/2022-07/scaled-1680-/G9Ksaml.png)](https://trustelem-doc.wallix.com/uploads/images/gallery/2022-07/G9Ksaml.png)

#### WALLIX Authenticator
* Access Manager is compatible with SAML (recommended), LDAP and Radius
* The Bastion is compatible with LDAP and Radius

##### Architecture
[![architecture.png](https://trustelem-doc.wallix.com/uploads/images/gallery/2022-07/scaled-1680-/architecture.png)](https://trustelem-doc.wallix.com/uploads/images/gallery/2022-07/architecture.png)

##### Prerequisites
[![prerequis.PNG](https://trustelem-doc.wallix.com/uploads/images/gallery/2022-07/scaled-1680-/prerequis.PNG)](https://trustelem-doc.wallix.com/uploads/images/gallery/2022-07/prerequis.PNG)

##### Setup
* Add a directory on Trustelem
  * Trustelem AD Connect: synchronize identities and authenticate AD users
* Add a proxy on Trustelem
  * Trustelem Connect: proxy LDAP/Radius for Bastion authentication
* Set up the Bastion on both the Trustelem and Bastion sides
* Set up the Access Manager on both the Trustelem and Access Manager sides
* Define the access rules
* Enroll the second factors

##### Available factors
* Trustelem Authenticator
  * Push notification
  * TOTP code

<img src="https://trustelem-doc.wallix.com/uploads/images/gallery/2022-07/scaled-1680-/tlmauth.png" alt="drawing" style="width:200px;"/>

  
* TOTP Authenticator
  * For example: Google Authenticator, Microsoft Authenticator...
  
<img src="https://trustelem-doc.wallix.com/uploads/images/gallery/2022-07/scaled-1680-/totp.jpg" alt="drawing" style="width:200px;"/>

* SMS
  * Additional cost
  * Not available by default

<img src="https://trustelem-doc.wallix.com/uploads/images/gallery/2022-07/scaled-1680-/sms.jpg" alt="drawing" style="width:200px;"/>

* USB key
  * For SAML only (Access Manager)
  * For example, Yubico keys
  
<img src="https://trustelem-doc.wallix.com/uploads/images/gallery/2022-07/scaled-1680-/key.jpg" alt="drawing" style="width:150px;"/>

##### Benefits

* Strong authentication for both Access Manager and Bastion: security
* Easy and quick to set up: time saving
* Improves the management of external users: time saving
* Can be extended to authenticate other apps with only a license change