By default, Identity Manager uses OSP for single sign-on access in Identity Manager. When you install Identity Reporting and the identity applications, you specify the basic settings for user authentication. However, you can also configure the OSP authentication server to accept authentication from the Kerberos ticket server or SAML. For example, you can use SAML to support authentication from NetIQ Access Manager. You can also enable single-sign by configuring Access Gateway as a reverse proxy server that provides single sign-on and restricts access to the identity applications and Identity Reporting servers by securely providing credential information for authenticated users. For more information about OSP, Understanding How OSP Works with Identity Manager.