Hosted OpenID Connect & OAuth 2.0 server
Do you want to enjoy the benefits of having your own Connect2id server and not have to worry about its deployment and operation?
In mid July 2018 we’ll be launching a new service where you can subscribe for a fully hosted and managed Connect2id server, to provide highly-available single sign-on, identity and API access management to your applications.
Your OpenID Connect &
Your user data stays with you
You can use your own existing user stores. The Connect2id server does not require access to your users’ credentials, which is a plus for security.
Bring your own policies
You are free to devise your own rules for login, consent and managing the token lifecycle. These can be scripted in any language you like.
High availability, in a region of your choice
You get a Connect2id server cluster for high availability, in a AWS data centre of your choice for quick and low-latency access from your applications.
Collect identity events and metrics
Collect key identity events and metrics in real time, for logging, audit and business intelligence purposes.
|Monthly active users||Connect2id server cluster||Monthly price|
|Up to 10 000||2 VMs for high-availability and load balancing||€ 299|
|Up to 20 000||2 VMs for high-availability and load balancing||€ 599|
|Unlimited||2 VMs for high-availability and load balancing, will scale up to 4 on demand||€ 999|
Billing is on a monthly basis. The prices don’t include European Union VAT (not applicable to customers outside the EU).
You can also follow us on Twitter.
Frequently asked questions
1. Where is my Connect2id server going to be hosted?
In the Amazon cloud (AWS).
2. Which AWS regions are available?
You can choose to have your Connect2id server cluster deployed in any one of the 16 EC2 regions, in North and South America, Europe, Asia and the Pacific.
3. Which Connect2id server version am I going to get?
Typically the latest stable version of the Connect2id server. Upgrades will be handled by us, transparently to you and with zero service downtime.
4. How can I configure my hosted Connect2id server?
With the help of a wizard in the admin console. The JWK set and master tokens will be generated automatically for you in the console.
- By pasting the entire configuration as Java properties, including the JWK set, into the admin console.
We’re also working on providing a web API for configuring your hosted Connect2id server.
5. Which OAuth 2.0 grant types are supported?
The hosted Connect2id server is built to enable handling of the following OAuth grant types:
Resource owner password credentials — Via a web hook that delegates validation of the submitted username and password to an external service.
- Client credentials — Via a simple handler that bounds the scope of the issued token to those scope values set in the client’s registration.
Web based hooks for handling JWT and SAML 2.0 bearer assertion grants will be provided at a later stage.
6. Which OpenID claims sources are supported?
The hosted Connect2id server build includes two connectors for sourcing OpenID claims (attributes) about end users:
LDAP — To retrieve claims from a Microsoft Active Directory and other LDAP v3 compatible directory servers.
- HTTP endpoint — A web hook for retrieving the claims from an external service.
7. Which OAuth client authentication methods are supported
All client authentication methods supported by the on-premise Connect2id server, save for self_signed_tls_client_auth (until client X.509 certificates become supported by Amazon’s ELB, or a viable work around is found).
8. What support is included in the subscription?
Basic email support with configuration. If there’s sufficient demand we may consider offering more comprehensive support plans, similar to those for the licensed on-premise Connect2id server.
9. What is the billing cycle?
Usage is billed every month, according to the number of active users for the period.
10. How are active users counted?
By counting the unique subject identifiers (end-user identities) in issued ID and access tokens during the billing period.
11. Do you issue VAT invoices?
Yes, we do, if the billed entity is located in the EU.