Federate Identity and Access with SAML or OAuth using Vordel API Server
Enable Secured & Compliant Business Collaborations using Vordel Access Federation
API usage requires authentication. In a modern architecture that includes web, SOA, mobile and B2B integration patterns, the authentication scheme may include any combination of device/host, application and user identities. The simplest way to enable authentication is to provide the partner with a list of API consumer identities. However, batch update or identity synchronization schemes are neither secure nor scalable. In more advanced multi-party integration use cases, API calls can chain across multiple security domains. Instead of moving identity data across security domains and relying on point-to-point integrations, use Vordel API Server to securely federate identities in real time using popular standards such as SAML (Security Assertion Markup Language) and OAuth.
Share Credential Securely Using Security Tokens with Vordel Access Federation
As API usage becomes more federated, credentials are handled by more intermediaries than before, increasing security and compliance risks. Vordel API Server encapsulates identity data in signed tokens such as SAML, Kerberos and OAuth to enable secure federation of identity data. Vordel API Server features a built-in Security Token Service (STS) that handles token authentication, issuance, validation and mediation tasks. With Vordel API Server, a user logged into his local domain can single sign-on (SSO) securely to any third-party application, B2B service and cloud-based service.
Mediate Identities & Security Tokens with Vordel Access Federation
Vordel API Server ships with pre-built integrations with all the leading identity management platforms. Vordel API Server can exchange any standards-based or proprietary token, allowing the enterprise to standardize on a single token type like SAML or OAuth. Using a single standards-based token not only enables cross-domain identity federation, but also alleviates the need for internal applications and SOA components to handle more than a single token type. For organizations that have adopted cloud-based identity services such as Okta, Symplified, and VMware Horizon Application Manager, Vordel API Server also enables SSO to applications deployed on-premise via Vordel’s unique “reverse federation” capability.
Broker Trust Relationships Across Security Domains with Vordel Access Federation
For an API to validate the authenticity and integrity of a client's credential, it must have a trust relationship with the client, either directly or through a broker. Managing direct trust relationships for a large number of endpoints is simply not scalable, especially for cross-domain relationships. Vordel API Server brokers PKI-based trust relationships between clients and services and automates token negotiation using the WS-Trust and WS-Federation standards. Vordel leverages open standards to maximize interoperability with leading application, SOA and identity management products.