Connect2id server 1.2 released
OpenID Connect Single Sign-On (SSO) for the enterprise
The highlights of the new release:
Greatly simplified configuration of provider metadata. There's now one less config file to deal with.
Added checks at server startup to prevent configurations that may adversely affect security.
What is OpenID Connect?
OpenID Connect is a new industry standard for OAuth 2.0 - based login and identity provision. The catalyst for it has been OAuth 2.0's massive success (Facebook, Google) in recent years, underpinned by the protocol's strong focus on ease of client app integration, which is crucial for attracting social and consumer app developers in great numbers.
The OpenID Connect WG was formed couple of years ago by experts in the field who recognised OAuth 2.0's potential, and set out to define a simple identity layer on top of it by coining a JSON-based identity token (JWT) and a UserInfo endpoint where client apps can retrieve consented profile information about the end-user. All this has been designed to mesh nicely with OAuth 2.0's existing flows and tokens, while satisfying a wide range of applications in the social, consumer, and enterprise domains.
OpenID Connect for simplified identity and access management
Those of you already familiar with enterprise IdM may ask -- why reinvent the wheel with OpenID Connect when we already have SAML?
SAML has been the enterprise's go at standardising IdM and SSO about 10 years ago, utilising the web technologies of the day -- XML and SOAP.
OAuth 2.0 and OpenID Connect on the other hand is the social network's go at standardising SSO and identity provision, and uses the lightweight JSON, bearer tokens and RESTful APIs instead.
Ease of client side integration can be of great benefit to enterprises that want to move quickly and integrate / share identities with partners, social and consumer apps. Another significant advantage is ability to seamlessly combine OAuth 2.0 authorisation (our server does it since it also provides general OAuth 2.0 authorisation).
To sum up the benefits of OpenID Connect for enterprises:
OAuth 2.0 greatly eases client-side integration by focusing on light-weight data formats, flows and web APIs.
OAuth 2.0 is already quite established and well-known among developers. An important factor if you're hiring new developers and want to move fast.
Even if you have existing SAML deployments and expertise you can win from adding OpenID Connect support by being able to integrate a new range of partner, social and consumer apps. The Connect2id server provides a handy SAML-to-OpenID Connect bridge and you can leverage your existing SAML assertions.
Why choose the Connect2id server?
Unmatched ease of integration and customisation to fit the most demanding business needs. The Connect2id server gives you clever web APIs for plugging arbitrary authentication and authorisation mechanisms as well as claims sources.
Engineered for 100% uptime, distributed operation within and across data-centres, and low TCO.
Written in Java and based on leading open source technologies, sourced from partners or developed in house.
We're actively participating in the OpenID Connect, OAuth and JOSE work groups and are ready to provide you with in-depth expertise, no matter how hard your questions are. Our customers consistently value our professional support and dedication and our no-nonsense sales approach.