The Optimal IdM authentication-as-a-service (AaaS) offering, called The Optimal Authentication Service (OAS), is a hosted RESTful web service that provides customers with the ability to perform various types and levels of authentications including single authentication and multi-factor authentication (MFA).

OAS may be deployed in any data center and is offered in a multi-tenant environment as well as in an isolated/dedicated environment. OAS can easily integrate into your applications using the RESTful call or by using the Optimal IdM .NET SDK or jQuery plugin.

The Optimal Authentication Service permits the addition of multi-factor authentication and can be fully integrated into The OptimalCloud.

Register for a Free Trial Today!

Interested in the features and benefits of Optimal IdM’s cloud authentication service? Request a demo!

Request Demo

Easily Add MFA Capabilities to Web & Non-Web Applications

Because OAS is available via industry standard REST calls, both web and non-web applications may easily add MFA capabilities, including passwordless authentication options. As a MFA service, OAS helps prevent phishing and man-in-the-middle attacks by delivering push notifications to a user’s registered mobile device which optionally works with fingerprint-enabled systems. OAS includes other MFA options like Time-based One-Time Password (TOTP) and traditional One-Time Passcodes (OTP) that can be sent via Short Message Service (SMS), Email or voice calls.

Each can be used as a stand-alone option or in conjunction with a complete Identity Access and Management (IAM) program.  When integrating with an existing system, you can leverage OTPs via SMS, Email or voice without storing any information about the user in the cloud service.  When using TOTP or push notifications, only device information is stored, which reduces the amount of personal identifiable information that is needed.  The service can also be used to access applications in a passwordless authentication method by sending a push notifications to a mobile device for logins.

By leveraging an external AaaS offering, any business can benefit from a proven, tested and trusted solution.  Internal teams that may develop in-house authentication solutions may not have the expertise in authentication and security processes to ensure that the in-house solution produced does not have a vulnerability.  User Authentication-as-a-Service also supports rapid deployment scenarios, as most AaaS providers provide plugins (jQuery) and APIs (RESTful Services, etc.) to allow for easy integration into enterprise applications.

With an Authentication-as-a-Service provider, an enterprise can rapidly and easily secure its internal and external applications with multi-factor authentication methods (one-time passcodes, push authentication, etc.).  MFA provides more security than password authentication alone.  Also, while single-sign-on (SSO) offers convenience, AaaS adds extra layers of security by not only providing strong authentication, but access control policies, auditing visibility and administrative controls.

Request a Free Trail Today Get Started
Testimonial

"The Optimal People Picker is simply incredible! It provides us with an intuitive and efficient method to allow SharePoint users to find users and groups they are entitled to see, while ensuring they do not have the ability to openly browse our corporate Directories. Simply put, we decide what the People Picker exposes and not the tool. This is critical in an enterprise environment that includes employees, partners, and customers. In short, with the Optimal People Picker, we have a better user interface, enhanced security, and increased productivity packaged in a single product."

- Gregg Fabbri,
Read More

MFA For Windows Servers

Accessing Windows servers, whether in a local data-center or cloud-based, should always require multi-factor authentication (MFA).  Until now, it has been a difficult task to setup MFA for server access whether directly through the console or via remote-desktop (RDP).  The Optimal GINA™ Plugin (pGina) together with OAS, offers a flexible and secure solution for accessing Windows servers providing state-of-the-art MFA technology leveraging the user’s mobile device and PUSH notification technology.

Accounts are easily managed in The OptimalCloud™.   pGina also provides the ability to map cloud groups to local server/domain groups when logging in.  In fact, users that are configured to login to a given server via The OptimalCoud can automatically have an account created locally and even optionally deleted when they log out.

The Optimal Authentication-as-a-Service Includes:

  • Passwordless Access method
  • Basic Authentication (username & password)
  • Strong-Authentication via E-Mail (MFA)
  • Strong-Authentication via SMS/Text Message (MFA)
  • Strong-Authentication via VOICE (where a call is placed to a number) (MFA)
  • Strong-Authentication via TOTP (MFA)
  • Strong-Authentication via PUSH (alert to a mobile device)(MFA)
  • Basic Authentication + Strong-Authentication via PUSH (alert to a mobile device)(Fingerprint authentication to iOS and Android)(MFA)

Get Optimal Authentication Service on Google Play or in the Apple Store.

google play logo    app store logo

Resources

Data Sheet: Optical Authentication Services

Read More
White Paper: Buyer's Guide to MFA

Read More
White Papers

Read More

Can’t wait?
Get Optimal IdM’s Authorization-as-a-Service Now

Start Your Free Trial