Central Identity and Access Management(CIAM)
I-AM® CIAM module acts as the central point of authentication across multiple enterprise applications. All the Users and Services shall be authenticated using I-AM® Cryptographic Identity and then token is issued which can be used to access different resources.
I-AM® CIAM provides out of box support for various Multifactor Authentication modes along with Federated Authentication and SSO.
Privacy by Design
I-AM® Identity is designed to be in control of users and can effectively deliver on privacy use cases
You are safe when you are protected by I-AM CIAM
How does it work?
Technology
I-AM® Attribute chain makes it possible to link various usernames across applications to a single Cryptographic identity. This unified identity can be used to provide federated authentication across applications and issue jwt tokens. These jwt tokens can be passed to the resources which can verify the validity of token from CIAM module. I-AM® CIAM module support standard protocols like Open-ID Connect(OIDC), oAuth2.0 and SAML.
Workflow
Users are enabled on I-AM® SDK integrated app via simple onboarding process and marked for CIAM module via administrative options in admin panel.
At the time of login User does a
I-AM® Cryptographic authentication, post which resource specific tokens are issued by I-AM®. These token can be used to access the protected resources for the specified duration
Key Differentiators
-
Federated Authentication latch on to existing authentication mechanism
-
Exhaustive multifactor authentication part of approval workflow
-
Customizable onboarding journeys(Both Client and Backend based onboarding)
-
User activity trail across applications.
Federated Authentication
I-AM® provides an option to onboard custom Identity provider for which can be used for 1st factor of authentication. These IDP will have various mechanism for
I-AM® integrations