In OpenEdge, the authentication system used to authenticate a given user identity is identified by an OpenEdge security domain (or domain). The OpenEdge domain identifies the authentication system and provides a domain access code to validate the identity of all users who are authenticated in a particular domain.

A particular domain also allows all authenticated users to share other common attributes, such as a common tenancy in a multi-tenant database and (through domain authorization settings) access to a common set of database and application resources.

In OpenEdge, a security administrator defines and configures domains in each OpenEdge RDBMS and enables or disables each domain for run-time use. A domain is authentication-enabled if it is enabled for run-time use, and is configured with an authentication system that has access to valid user accounts and supports user authentication. For more information on OpenEdge support for domains and authentication systems, see Authentication systems supported in ABL.