If you need to integrate your application with another in order to exchange information, solving the problem of authentication first is essential.
One solution is that the application we need to integrate to exposes a web service SOAP that solves the authentication. In this case, the solution is to use GAM External Web Services Authentication Type from the side of the application integrated to GeneXus Access Manager.
Another scenario, is that of an external program of the application that solves the authentication issues, which is not necessarily a SOAP service. The solution for that scenario is to configure GAM Custom Authentication Type in the GAM Repository.
In both cases, you need to configure GeneXus Access Manager to accept the external program as an identity provider.
Using any of these types of authentication, GeneXus Access Manager is not the owner of the user credentials, only the user name and other information which depends on the external program output will be stored in GAM Repository. Information on roles can also be incorporated in GAM Repository if the external program returns this information in particular.
In case of authenticating to other external services, like LDAP, you can use an external program or web service in order to make a bridge between the GAM application and LDAP.
See LDAP authentication using GAM
Managing Roles through external authentication programs