Our service offer

, by WM i-Tego

A company wishing to adopt Single Sign On (SSO) with OpenID Connect must follow three steps:
- Install an authentication server (OpenID Connect Provider, OP),
- Adapt applications so that they delegate user authentication to the OP; the applications must also monitor the state of the user’s session (Monitoring),
- Manage user registration, or link the OP to an existing identification system.

We install the OAuthSD server with your own identity directory and your access rules

The identification systems integrated into the server offer maximum security since they are secured in the physical space of the entity.

Dedicated OAuth Server (OAuthSD) is a private authentication server that implements OAuth 2.0 and OpenID Connect. OAuthSD can use a third-party identification system such as a card reader or directory such as Active Directory or LDAP and embed data from these systems into JWT identity token.

Better yet: i-Tego offers you original identification procedures that will allow you to do away with passwords!

See: L’identification des personnes

We adapt your applications to control access at the application layer

More and more applications offer the possibility of delegating user authentication in accordance with the OpenID Connect standard.
When this is not the case, special development is necessary to substitute an OIDC module for the code of the classic connection.

See: Adaptation of applications

It will also be necessary to develop the monitoring of the connection by the application (Monitoring).

See: Monitoring authentication status and SLO

Regarding protected resources such as web services, they must not provide data without being assured of the identity and integrity of the application requesting it.

See: L’identification des applications.

I-Tego’s priority is to protect your data

Not all configurations of applications, servers and protected resources can provide a high level of security. Authentication security is only effective for well-defined client-server configurations. Only "back-end" applications located on the company’s servers can be identified with certainty and their integrity checked.

This is why we do not hesitate to go against the general trend tending to disseminate data and processing "in the Cloud", outside companies.
We help businesses protect their data by building "back-end" applications, protected resources, and an authentication server all located in the company’s trusted space. It is only on this condition that the security of remote operation can be ensured, whether by mobile or in the context of teleworking.

See: Typology of applications with regard to data security.

We help you get started, we train your teams and we support you over time

We are steeped in the consultant’s method and ethics, but we are also developers. Our vertical mastery of authentication allows us to assist developers as well as project managers and the owner.

Our goal is for you to be able to control the product and maintain it independently. For this, we train DEV / IT and make the code available in private access on GitHub.

Then you can always count on us to assist you if necessary.

See:
 Who are we?
 Presentation of i-Tego
 The innovations of i-Tego