# Authentication

Chamilo supports multiple authentication methods, from the built-in username/password system to enterprise single sign-on solutions.

## Configuration file

All external authentication methods are configured in `config/authentication.yaml`. A template is provided at `config/authentication.dist.yaml`. The general structure is:

```yaml
parameters:
  authentication:
    <access_url_id>:
      <auth_method>:
        <provider_name>:
          <config_key>: <value>
```

After editing the file, clear and warm the cache:

```bash
php bin/console cache:clear
php bin/console cache:warmup
```

External login buttons appear on the login page after the cache is refreshed.

## Supported methods

* [**OAuth2**](/administration-guide/admin-guide/authentication/oauth2.md) — Azure AD, Keycloak, Facebook, and generic OAuth2 providers
* [**LDAP**](/administration-guide/admin-guide/authentication/ldap.md) — Authenticate against an LDAP or Active Directory server
* [**CAS**](/administration-guide/admin-guide/authentication/cas.md) — Central Authentication Service (legacy, not functional in 2.x)
* [**SCIM**](/administration-guide/admin-guide/authentication/scim.md) — Automated user provisioning from external identity providers
* [**SSO Configuration**](/administration-guide/admin-guide/authentication/sso-configuration.md) — Troubleshooting and cross-method notes

## Default authentication

By default, Chamilo uses its own internal system — users log in with a username and password stored in the Chamilo database. External methods are additive: the standard login form stays available alongside any configured providers.

## Further reference

For full parameter reference and advanced scenarios, see the [External Authentication configuration wiki page](https://github.com/chamilo/chamilo-lms/wiki/External-Authentication-configuration).


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.chamilo.org/administration-guide/admin-guide/authentication.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.