Digital identity and authentication techniques are experiencing rapid transformations. The present technological stack is based on experiences acquired in the past, with an understanding of what will work and what will not work in real-world circumstances.
Two-factor authentication (2FA) and OpenID Connect (OIDC), both open standards, are examples of such technologies. On the surface, each of these systems appears to provide identical methods for user authentication, but they are not the same in practice. Some of the distinctions are basic, while others are more complex.
We will look at several approaches to integrating them in the IDP Provider (IAM) platform to give a secure authentication solution in this user-centric world. The IDP Provider (IAM) platform was created to handle user authentication in a highly flexible way. The default authentication method is username/password ("basic"). To improve account security, stronger types of authentication such as One-Time Password (OTP) and Universal Two Factor (U2F) Security Keys can be enabled.
An authentication flow is a container for all authentications, screens, and actions that must happen during login, registration, and other workflows. Multiple authentication methods powered by KOBIL are available through the IDP Provider (IAM) platform to facilitate essential processes. You'll be able to specify and configure all of the system's authentication processes, as well as the actions that each one necessitates.
The sequence of actions that a user or a service must do in order to be authorized is referred to as the authentication flow.
Authentication flows are a key security feature. A poorly designed flow might result in no one being able to log in, users logging in with weaker authentication, or just an error.
The mID Provider comes with a set of pre-installed flows. These flows cannot be changed; however, their requirements can be adjusted to meet your needs.
A custom authentication flow contains these main elements:
- Top Level flow (authentication flow)
- Execution flow
- Sub-Execution flow
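The failure modes named above (no one able to log in, or login with less authentication) can be checked on a flow definition before it is put into use. The following Python code is an added example, not part of the IDP Provider (IAM) platform or its API; the flow schema, the requirement values `required`, `alternative` and `disabled`, and the way they are evaluated are assumptions made for illustration.

```python
from itertools import product

# Assumed, simplified model (not the platform's real schema): each element has a
# "requirement" of "required", "alternative" or "disabled". A leaf execution names
# the "factor" it checks; a (sub-)flow holds "children".
def ex(factor, requirement):
    return {"factor": factor, "requirement": requirement}

def completion_paths(element):
    """Return every factor combination (as frozensets) that completes an element."""
    if "factor" in element:
        return {frozenset([element["factor"]])}
    enabled = [c for c in element["children"] if c["requirement"] != "disabled"]
    required = [c for c in enabled if c["requirement"] == "required"]
    if required:
        # Assumed semantics: all required children must pass, alternatives are skipped.
        combos = product(*(completion_paths(c) for c in required))
        return {frozenset().union(*combo) for combo in combos}
    # No required child: any one alternative completes the flow.
    return {p for c in enabled for p in completion_paths(c)}

def lint_flow(flow, min_factors=2):
    """Report the two failure modes: nobody can log in, or too few factors suffice."""
    paths = completion_paths(flow)
    if not paths:
        return ["lockout: no enabled execution can complete the flow"]
    return [f"weak path: login completes with only {sorted(p)}"
            for p in sorted(paths, key=sorted) if len(p) < min_factors]

# Constructed sample flows (top level flow -> executions -> sub-execution flow).
second_factor = [ex("otp", "alternative"), ex("u2f", "alternative")]
GOOD = {"requirement": "required", "children": [
    ex("password", "required"),
    {"requirement": "required", "children": second_factor}]}
WEAK = {"requirement": "required", "children": [
    ex("password", "required"),
    {"requirement": "alternative", "children": second_factor}]}
LOCKED = {"requirement": "required", "children": [
    ex("password", "disabled"),
    {"requirement": "disabled", "children": second_factor}]}

if __name__ == "__main__":
    for name, flow in [("GOOD", GOOD), ("WEAK", WEAK), ("LOCKED", LOCKED)]:
        print(name, lint_flow(flow) or "ok")
```

In the `WEAK` flow the only change is the requirement of the second-factor sub-flow, yet under the assumed rules the password alone then completes login.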
Step 1: Create Top Level flow
To create a Top Level flow, you can either:
- Copy an existing flow and then modify it. To do so, click the Copy button and choose an existing flow (for example, the
  - Before establishing the new flow, you'll be asked to give it a name.
- Create a new flow from scratch. To do so, click the
Configuration to Create Top Level Form
| | The name of the top level flow. |
| | The description you can set to the flow. |
| Top Level Flow Type | The type of flow. The type client is used only for the authentication of clients (applications). For all other cases choose |
Once the flow is created, in addition to the Copy buttons, you now have, Add execution and
Deleting a flow that is in use may leave users or clients unable to log in.