We install the OAuthSD server with your own identity directory and your access rules
The identification systems integrated into the server offer maximum security since they are secured in the physical space of the entity.
Dedicated OAuth Server (OAuthSD) is a private authentication server that implements OAuth 2.0 and OpenID Connect. OAuthSD can use a third-party identification system such as a card reader or directory such as Active Directory or LDAP and embed data from these systems into JWT identity token.
Better yet: i-Tego offers you original identification procedures that will allow you to do away with passwords!
See: L’identification des personnes
We adapt your applications to control access at the application layer
More and more applications offer the possibility of delegating user authentication in accordance with the OpenID Connect standard.
When this is not the case, special development is necessary to substitute an OIDC module for the code of the classic connection.
See: Adaptation of applications
It will also be necessary to develop the monitoring of the connection by the application (Monitoring).
See: Monitoring authentication status and SLO
Regarding protected resources such as web services, they must not provide data without being assured of the identity and integrity of the application requesting it.
See: L’identification des applications.
I-Tego’s priority is to protect your data
Not all configurations of applications, servers and protected resources can provide a high level of security. Authentication security is only effective for well-defined client-server configurations. Only "back-end" applications located on the company’s servers can be identified with certainty and their integrity checked.
This is why we do not hesitate to go against the general trend tending to disseminate data and processing "in the Cloud", outside companies.
We help businesses protect their data by building "back-end" applications, protected resources, and an authentication server all located in the company’s trusted space. It is only on this condition that the security of remote operation can be ensured, whether by mobile or in the context of teleworking.
See: Typology of applications with regard to data security.
We help you get started, we train your teams and we support you over time
We are steeped in the consultant’s method and ethics, but we are also developers. Our vertical mastery of authentication allows us to assist developers as well as project managers and the owner.
Our goal is for you to be able to control the product and maintain it independently. For this, we train DEV / IT and make the code available in private access on GitHub.
Then you can always count on us to assist you if necessary.
– Who are we?
– Presentation of i-Tego
– The innovations of i-Tego