# Overview ### Authentication strategies Auth strategy should be selected corresponding to your SharePoint environment and its configuration. Import path `strategy "github.com/koltyakov/gosip/auth/{strategy}"`. Where `/{strategy}` stands for a strategy auth package. | `/azurecert` | ✅ | ❌ | [sample](https://go.spflow.com/strategies/azure-certificate-auth#json) | | ------------- | -------------- | - | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | `/azurecreds` | ✅ | ❌ | [sample](https://go.spflow.com/strategies/azure-creds-auth#json) | | `/azureenv` | ✅ | ❌ | [sample](https://go.spflow.com/auth/strategies/azure-environment-auth) | | `/device` | ✅ | ❌ | [sample](https://go.spflow.com/strategies/azure-device-flow#auth-configuration-and-usage) | | `/addin` | ✅ | ❌ | [sample](https://go.spflow.com/strategies/addin#json) | | `/ntlm` | ❌ | ✅ | [sample](https://go.spflow.com/strategies/ntlm#json) | | `/adfs` | ✅ | ✅ | [spo](https://go.spflow.com/strategies/adfs#sharepoint-online-configuration), [on-prem](https://go.spflow.com/strategies/adfs#on-premises-configuration), [on-prem (wap)](https://go.spflow.com/strategies/adfs#on-premises-behing-wap-configuration) | | `/fba` | ❌ | ✅ | [sample](https://go.spflow.com/strategies/fba#json) | | `/tmg` | ❌ | ✅ | [sample](https://go.spflow.com/strategies/tmg#json) | | `/saml` | ❌ (deprecated) | ❌ | [sample](https://go.spflow.com/strategies/addin#json) | JSON and struct representations are different in terms of language notations. So credentials parameters names in `private.json` files and declared as structs initiators vary. ### Additional strategies Gosip supports [custom](https://go.spflow.com/auth/custom-auth) (ad hoc) strategies. Some worthy are boiled in [the Sandbox](https://github.com/koltyakov/gosip-sandbox/tree/master/strategies) to be added later on to the main package in a case of the demand. | Strategy name | SPO | On-Prem | Credentials sample(s) | | ---------------- | --- | ------- | ------------------------------------------------------------------------------- | | On-Demand | ✅ | ✅ | [sample](https://go.spflow.com/strategies/on-demand#configure-and-usage-sample) | | Alternative NTLM | ❌ | ✅ | [see more](https://go.spflow.com/auth/strategies/alternative-ntlm) | ### Secrets encoding When storing credential in local `private.json` files, which can be handy in local development scenarios, we strongly recommend to encode secrets such as `password` or `clientSecret` using [cpass](https://go.spflow.com/utilits/cpass). Cpass converts a secret to an encrypted representation which can only be decrypted on the same machine where it was generated. This minimize incidental leaks, i.e. with git commits.