# Enterprise Security

PowerShell Universal provides enterprise security features to allow for integrating with existing authentication and authorization methods. It also includes fine grained Permissions that can restrict access the Admin Console for specific features.

Enterprise Security requires a [Server or Enterprise license](https://ironmansoftware.com/pricing/powershell-universal).

## Multiple Challege Schemes

When multiple challenge schemes are configured (e.g. SAML2 and Windows), then PowerShell Universal will select the first scheme that is defined in `authentication.ps1` . When access a protected resource, like an app or the admin console, the highest priority scheme will be used.

The below example will use Windows authentication when access protected resources by default. If you wish to login with OpenID Connect, you would need to visit the login page and click the Login with OpenID Connect button.

```powershell
Set-PSUAuthenticationMethod -Type 'Windows'
Set-PSUAuthenticationMethod -Type 'OpenIDConnect'
```


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.powershelluniversal.com/security/enterprise-security.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.