ALM does not handle user authentication.
To receive services from the ALM Platform, the application must provide an authentication token as a cookie in the request header. To obtain this token, you need to be authenticated by a mechanism outside of ALM, in one of the following ways:
LWSSO. The application passes an LWSSO (Light Weight Single Sign On) cookie in the request header. For details, see Authenticate using LWSSO.
WS-Trust using IdP. Authentication is handled by an external Identity Provider (IdP), following the WS_Trust authentication protocol. For details, see Authenticate using IdP.
Note that not all methods are available for all ALM versions.