VASCO IDENTIKEY Federation Server
A complete authentication and access management server, designed to validate user login on
IDENTIKEY Federation Server is extremely well suited for large corporations, governments, non-profit organizations and educational institutions looking to secure and manage access to different web-based applications and portals. With a continuous growing number of web-based applications each requiring its own logon procedure, IDENTIKEY Federation Server reduces overall complexity and provides customers with an unprecedented user experience while offering secure twofactor based user authentication.
- One identity ticket to log-on to multiple applications
- Time-saving and highly efficient log-on method providing advanced user-experience
- Multiple authentication methods are supported, including application-specific authentication
- Web SSO- and Federated authentication are consolidated in one solution
- Single administrative interface and user repository
- Effortless deployment (up and running within the hour)
- No changes to existing infrastructure required (e.g. Active Directory schema)
- Low integration cost & high ROI
- VASCO offers its consultancy and professional services to customize its solution for your company specific application
- Authentication Manager:
- User Authentication: validation of user/password
- Identity Provider: assigns a ticket to the user which can be re-used during a limited time)
- Access management to web-based applications
- Integrated support for popular business and social media protocols
- OAuth for OAuth Identity providers, such as MYDIGIPASS.com, Facebook, LinkedIn, Twitter
- ADFS2.0 for ADFS2.0 applications, such as Office365.com
- SAML2.0 for SAML-enabled applications, such as GoogleApps, Salesforce.com
- Federated Authentication
- Web SSO
- Authentication Methods:
- DIGIPASS two-factor authentication with IDENTIKEY as authentication server, including OTP delivery via SMS or e-mail (Virtual DIGIPASS)
- Support for application-dependant authentication methods
- Support for attribute release policies
- Scalability & Redundancy:
- Fully scalable supporting high-availability setups
- Integrated web-based management environment
- Support for monitoring via SNMP
- Support for industry-standard communication protocols ensures smooth integration into existing infrastructures and applications.
- SAML2.0 for IDENTIKEY Federation Server as Identity Provider (incoming requests)
- SAML2.0 for IDENTIKEY Federation Server as Client/ Service Provider (outgoing requests)
- ASelect protocol for IDENTIKEY Federation Server as Identity Provider and Service Provider (incoming/outgoing requests)
- ASelect WS protocol for IDENTIKEY Federation Server as Client/ Service Provider (outgoing requests)
- Basically any application that supports SAML2.0 can be supported.
Identity & Access Management Platform
IDENTIKEY Federation Server validates users and creates an identity ticket enabling web single sign-on for different applications across organizational boundaries. As validated credentials can be reused, once a user's identity is confirmed, access to authorized services and applications is granted. Users can securely switch between the different applications and collaborate with colleagues, business partners, suppliers, customers and partners using one single identity.
IDENTIKEY Federation Server works as an Identity Provider within the local organization, but can also delegate authentication requests (for unknown users) to other Identity Providers. In a Federated Model, IDENTIKEY Federation Server does not only delegate but also receives authentication requests from other Identity Providers, when local users want to access applications from other organizations within the same federated infrastructure.
Enhanced User And Administrator Experience
The web single sign-on feature provided by IDENTIKEY Federation Server greatly enhances end-user experience. Endusers save time by sidestepping different logon procedures and are no longer obliged to memorize several password and username combinations. The company's administrator's task is equally simplified. IDENTIKEY Federation Server comes with a single administrative interface and user repository removing the burden of maintaining diverse password databases and different authorization and authentication policies for each application separately.
Turnkey Solution, Different Authentication Methods
IDENTIKEY Federation Server is delivered as a turnkey solution and includes an optimized high throughput and fully protected configuration. It is available as a Virtual Appliance, which allows a quick implementation within your virtualized architecture for a solid and optimal performance.
The server supports different types of authentication methods that can be combined with or tied to a specific application. The validation of one-time passwords is performed by IDENTIKEY server. IDENTIKEY Federation Server and IDENTIKEY Server work seamlessly together with VASCO's DIGIPASS range which includes both hardware and software authentication methods.
Download the VASCO IDENTIKEY Federation Server Data Sheet (.PDF)