To specify a system type in a domain configuration, the authentication system must already be configured in the OpenEdge database. The built-in authentication systems are pre-configured in every OpenEdge RDBMS and cannot be deleted or changed other than to configure ABL callbacks to extend the built-in user authentication and SSO mechanisms.

You can define one or more user-defined authentication systems by specifying names and other configuration options for them in the database administration tools. For example, in the Data Administration utility, use the Admin > Security > Domain Maintenance > Authentication Systems menu option. To create a new authentication system, click Create, then enter its name in the Domain Type field and other options as required. You cannot specify a leading underscore (_) in the authentication system name, as this is reserved for OpenEdge built-in authentication systems. You can also edit an existing authentication system by selecting it in a list and changing any options that are enabled for input.

Two of the most important options to set in a user-defined authentication system configuration include the field to specify an ABL callback and the toggle box for indicating whether the authentication system supports only OpenEdge SSO operations (where a callback is optional) or supports OpenEdge user authentication operations as well (where an authentication callback is required).

You can use the ABL API for Multi-tenant Maintenance to configure user-defined authentication systems. For more information on this API and how to create and configure ABL callbacks for authentication systems, see OpenEdge Development: Programming Interfaces.