Skip to main content

Features

Supported Protocols

  • OpenID Connect 1.0
  • Security Assertion Markup Language (SAML)
  • Lightweight Active Directory Protocol (LDAP)

Identity Provisioning

  • Identity Brokering - Authenticate with an external OpenID Connect 1.0 or SAML Identity Providers.
  • Social Login - Allows users to log in using Google, GitHub, Facebook, Twitter, and other social media platforms.
  • User Federation - LDAP-based user synchronization from Active Directory servers.
  • Kerberos Bridge - Automatically authenticate users who are connected to a Kerberos server.

Administration

  • Central management of users, roles, mappings, clients, and configuration via the Admin Management Console.
  • Users can manage their accounts from a central location with the Account Management Console.
  • Admins and users can view and manage sessions using the session management console.

Intelligent Authentication

mID Provider(IAM) provides a wide range of 2FA choices using KOBIL-specific authentication techniques. The solutions can be combined to create MFA solutions.

TypeDescription
KOBIL LoginA simple authentication system based on a username and password.
KOBIL 2FA VerifyA transaction is triggered to the user device and the user needs to approve it for successful authentication.
KOBIL 2FA OTPAn OTP generated by user device is used for authentication.
KOBIL 2FA QR-CodeThe user is presented with a QR-Code image, which must be scanned by the user. The user device generates an offline OTP that must be utilized for successful authentication.
KOBIL OneshotAn OTP generated by the user device must be transmitted to an authentication query parameter in payload URL.
KOBIL PAMAn independent authentication system that is used to allow direct access to users. The password for the SSMS Password Authentication Module (PAM) is used for authentication.
KOBIL CookieAn already generated access token is either transmitted to authentication header or transmitted to cookie URL for authentication.
KOBIL Remember Cookie AuthenticatorIt works similar to conditional authenticator, here the flow is executed based on the cookie name and flow type specified in the authenticator config.
KOBIL mTANAn OTP is sent to the user's mobile through SMS to verify their identity.
mPower CookieThe SSMS server verifies whether the saml_authorization cookie is available and validates it.
KOBIL FIDOA simple 2FA authentication system based on a Web authN key.
KOBIL Username Password FormTo authenticate their identity, the User must submit a username and password that must be available in both mID Provider (IAM) and SSMS.
KOBIL Email RegistrationAn OTP will be sent to the email which user has entered, on valid OTP, the user email will be added.
KOBIL User Attribute HandlerThe authenticator will receive a collection of attributes in the authenticator configuration as a JSON file and it will add/remove the attributes depending on the supplied JSON.
KOBIL Contact AdminSupport desk contact details will be displayed on successful authentication.
KOBIL Consent ManagerConsent details will be triggered to the user for collecting and processing their personal information, on acceptance the user consents will be updated to the Authorization Server (IAM).

Intelligent Self Service

  • Device Management
  • Account Management
  • Change Password
  • Session Management

Custom Service

Customer-specific features can be created using the mID Custom Service. KOBIL or any third-party developer can create this component. Dedicated mIDentity functionalities are enabled by the service.

  • Request 2FA Signature
  • Update Account Profile

Identity Verification

  • Email
  • Social
  • Letter on Private Address
  • OnScreen
  • Video-Ident
  • Selfie-Ident

App & Services Integration

  • Client adapters include built-in functionality for Cross-Origin Resource Sharing (CORS).
  • Fuse, WildFly, Jetty, JBoss EAP, Tomcat, and other client adapters for managing JavaScript applications
  • OpenID Connect 1.0 Resource Provider or SAML Service Provider libraries are required.

Customization

  • mID Business Logic(REST API), which can be adapted to your needs.
  • Theme support - Customize all user interface pages to match your apps and brand.
  • Token mappers - Mapping user attributes, roles, and other information to tokens and statements as needed.
  • Service Provider Interfaces (SPI) - A variety of SPIs that allow the server to be customized in various ways. Authentication flows, protocol mappers, federation providers, and so on are all examples of authentication flows.