EInnovator SSO Gateway is a white-label solution for authentication, identity management, and access control in micro-services architectures. It supports the OAuth2 protocol as a way to allow applications to automatically authenticate users and to share a single security context across a set of micro-services. It provides a rich UI that allows users to manage their profiles and privacy, and allows groups and organizations to manage membership, role assignments, and organizational structure. Administrators can manage all resources in a convenient way, including users, groups, global roles, client applications, and tokens.
EInnovator SSO Gateway is built from the ground up to be used in the context of micro-services architectures. It provides a rich programming model, API, and client libraries that allow applications to easily integrate with other services in a secure way, extend the security settings, and define application-specific roles. It is highly configurable through an assortment of settings and a selection of many pre-built themes. Developers can also create and integrate new themes, customize existing views, or create new views.
EInnovator SSO Gateway stands out for offering a rich security and access-control model unseen in other SSO projects. The white-label model enables startups and enterprises to build business value into the basic services provided, with the optional collaboration of the EInnovator engineering team. Additionally, it is part of a larger micro-service suite that provides a one-stop solution to the difficulties of bootstrapping new projects and refactoring legacy ones.
New applications can be secured automatically by simply importing an SSO client library – such as the SSO Spring Boot starter for Java™ apps. Rich user profiles are supported with fancy and customizable themes. Most aspects of functionality are configurable via the UI or configuration files – from API registration to token and password management.
Multi-level group hierarchies, structured into organizations, operations, and teams, are supported to allow for rich identity management and fine-grained access control. User and group connections are also modeled, in support of networking-based applications and security models.
A role-based access-control model is provided to control global access and organization-level access to resources. Additionally, an object-level access control service is provided through a flexible API. Applications can use these generic access control mechanisms and map them to many use cases.
A configurable invitation mechanism is provided, with single-user and bulk invites, customizable invitation templates, motives for invitation, and actions triggered on invitation acceptance.
Security is a central requirement in any application and software system. Users need to be authenticated and their credentials checked for validity to make sure that privacy, access rules, and ownership of resources are secured. In distributed micro-service environments, this is best achieved by having a central authority – a Single Sign-On Gateway – that handles all the complexities of authentication and manages user identity, group membership, and network connections in a safe way.
OAuth2 is by far the most widely used security protocol for distributed authentication and access control, providing a security framework on which different use cases can be built.
Security also requires applications to have easy ways to express access control rules, with different approaches needed for different use cases. Role- and permission-based access control and explicit access control lists are common approaches for this. Group membership, organization structure, and networks of connections further add to the complexity.
Growing the user pool of an application is a quintessential element of any successful product. This can be achieved by using viral mechanisms, where users invite others to join – out of a need to collaborate or sheer enthusiasm about the product.
Feature Area | Feature | Use Cases |
---|---|---|
Authentication & Account Management | Sign in/Sign up, Password Management | Out-of-the-box support for user registration and login |
Authentication & Account Management | User Identity and Profile | Fancy User Profiles and Identity with customizable themes |
Authentication & Account Management | OAuth2 support and 3rd Party Provider Integration | Industry-standard for inter-app authentication and access-control |
Group & Connection Management | Multi-Level Groups, Membership Management | Structure social space from organization to teams, group profile pages |
Group & Connection Management | Connection Management | Connection based access-control |
Role Management & Access Control | Global and per Group Role and Permission Model | Site level and organization level access control |
Role Management & Access Control | Dynamic registration of roles and permissions | Application defined roles and access control rules |
Invitations | User and Group Membership invitations | Application defined roles and access control rules |
Invitations | Invitation Motives and Custom Templates | Customize Invitation Messages with Templates and Motive Objects |