
Digital identity and authentication techniques are experiencing rapid transformations. The present technological stack is based on experiences acquired in the past, with an understanding of what will work and what will not work in real-world circumstances.

Two-factor authentication (2FA) and OpenID Connect (OIDC), both open standards, are examples of such technologies. On the surface, each of these systems appears to provide identical methods for user authentication, but they are not the same in practice. Some of the distinctions are basic, while others are more complex.

We will look at several approaches to integrating them in the IDP Provider (IAM) platform to provide a secure authentication solution in this user-centric world. The IDP Provider (IAM) platform was created to handle user authentication in a highly flexible way. The default authentication method is username/password ("basic"). To improve account security, stronger types of authentication such as One-Time Password (OTP) and Universal Two Factor (U2F) Security Keys can be enabled.

Authentication Flow

An authentication flow is a container for all authentications, screens, and actions that must happen during login, registration, and other workflows. Multiple authentication methods powered by KOBIL are available through the IDP Provider (IAM) platform to facilitate essential processes. You'll be able to specify and configure all of the system's authentication processes, as well as the actions that each one necessitates.

The sequence of actions that a user or a service must do in order to be authorized is referred to as the authentication flow.

caution

Authentication flows are a key security feature. A poorly designed flow might result in no users being able to log in, users logging in with weaker authentication, or simply an error.

Built-in Flows

The mID Provider comes with a set of pre-installed flows. These flows cannot be changed; however, their requirements can be adjusted to meet your needs.

Custom Flows

A custom authentication flow contains these main elements:

  • Top Level flow (authentication flow)
  • Execution flow
    • Sub-Execution flow
  • Execution
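
The caution above names what a poorly designed flow can cause; the following added example (not KOBIL code and not part of the original page) audits a flow tree built from the elements listed above for a skippable second factor and for a flow nobody can complete. The requirement values REQUIRED/ALTERNATIVE/DISABLED, the rule used to evaluate them, the `Node` model and every alias are assumptions of this example.

```python
from dataclasses import dataclass

# Requirement values are an assumption of this example; the page does not list them.
REQUIRED, ALTERNATIVE, DISABLED = "REQUIRED", "ALTERNATIVE", "DISABLED"

@dataclass
class Node:
    alias: str
    requirement: str
    factor: str = ""        # executions only: which factor the step proves
    children: list = None   # flows only: nested executions and sub-flows

def guaranteed(node, problems):
    """Factors that every successful pass through `node` must have proven."""
    if node.children is None:                    # a single execution
        return {node.factor} if node.factor else set()
    active = [c for c in node.children if c.requirement != DISABLED]
    if not active:
        problems.append(f"{node.alias}: no active execution, login cannot complete")
        return set()
    required = [c for c in active if c.requirement == REQUIRED]
    if required:                                 # all REQUIRED children must pass
        return set().union(*(guaranteed(c, problems) for c in required))
    # Only ALTERNATIVE children: any one of them is enough to pass the flow.
    return set.intersection(*(guaranteed(c, problems) for c in active))

def audit(top, policy=frozenset({"password", "second_factor"})):
    """Return a list of findings; an empty list means the policy is enforced."""
    problems = []
    missing = policy - guaranteed(top, problems)
    if missing:
        problems.append(f"{top.alias}: login possible without {sorted(missing)}")
    return problems

def flow(alias, second_factor_requirement):      # constructed sample flow
    second = Node("second-factor", second_factor_requirement, children=[
        Node("otp-form", ALTERNATIVE, "second_factor"),
        Node("u2f-key", ALTERNATIVE, "second_factor")])
    forms = Node("forms", REQUIRED, children=[
        Node("username-password", REQUIRED, "password"), second])
    return Node(alias, REQUIRED, children=[forms])

STRONG = flow("copy-strong", REQUIRED)
WEAK = flow("copy-weak", ALTERNATIVE)            # second factor is skippable
BROKEN = Node("copy-broken", REQUIRED, children=[
    Node("username-password", DISABLED, "password")])

if __name__ == "__main__":
    for f in (STRONG, WEAK, BROKEN):
        print(f.alias, audit(f) or "ok")
```

Running such a check against a copied flow before it is put into use catches a changed requirement that would otherwise only show up as a weaker login.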

Step 1: Create Top Level flow

To create a Top Level flow, you can either:

  1. Copy an existing flow and then modify it. To do so, click the Copy button and choose an existing flow (for example, the AST-TMS flow). Before the new flow is created, you'll be asked to give it a name.

  2. Create a new flow from scratch. To do so, click the New button.

Configuration to Create Top Level Form


| Parameter | Description |
| --- | --- |
| Alias | The name of the top level flow. |
| Description | The description you can set to the flow. |
| Top Level Flow Type | The type of flow. The type client is used only for the authentication of clients (applications). For all other cases choose generic. |

Once the flow is created, in addition to the New and Copy buttons, you now have Delete, Add execution and Add flow.

caution

Deleting a flow that is in use may leave users or clients unable to log in.