08.23.2018 - Gartner Magic Quadrant for Access Management, Worldwide

According to Gartner, “Niche Players provide access management technology that are a good match for specific use cases. They may focus on specific industries or have a geographically limited footprint/ however, they can actually outperform many competitors.” Optimal IdM is honored to be included in the Gartner 2018 Magic Quadrant for Access Management, Worldwide. We believe our placement affirms our unique offering that goes beyond what other vendors in the space provide, namely the choice of having a non-shared environment. Or, in other words, a private, dedicated, secure, single tenant for the IAM space. Optimal IdM solutions are highly customizable and offered as a fully managed service. Optimal IdM’s customization, innovation, and affordable monthly plans make it an ideal solution for growing organizations. Here are a few highlights of what to expect from Optimal IdM: ...

08.20.2018 - Troubleshooting Federation with Fiddler – Part 3 of 3 – Debug Oauth2 and OpenID Connect Federation Issues

Fiddler is simply the best tool to debug federation issues. Optimal IdM has just released a white paper on this which you can download from our website. This is part two of a three-part blog series on this topic. In part one we covered how to use Fiddler to debug WS-Federation issues. In part two we covered how to use Fiddler to debug SAML 2.0 federation issues. Here in part 3 we will cover how to use Fiddler to debug Oauth2 and OpenID Connect federation issues. OAuth2 and OpenID Connect define different grant types. Depending on the grant type the flow may consist of a mixture of web application and web service (REST) calls. The most commonly used grant is the Authorization Code grant. In this grant the user’s browser is used to make a web application authentication request after which an Authorization Code is returned to the web application. The web application makes a REST call to the IdP to exchange the authorization code for an Access Token and JSON Web Token (Jwt). If in the Authorization Code grant request you get an error on the Identity Provider, run a Fiddler trace reproducing the issue. Then look for a GET request to the IdP with the following URL parameters shown below. You can see the URL parameters by selecting the line in the request list and then going to the Inspectors -> Web Forms tab.  The URL parameters for the OAuth2\OpenID Connect authentication request are: ...

08.1.2018 - Optimal IdM Earns ISO/IEC 27001:2013 Certification

Optimal IdM, a leading provider of Identity and Access Management (IAM) solutions, today announced it has achieved ISO/IEC 27001:2013 certification, the international standard outlining best practices for information security management systems. “These certifications validate our commitment to transparency and providing the highest standards of security to our customers,” said Ed Gorczyca, Chief Compliance Officer at Optimal IdM. ...

Tags

  • The database in which all of your organization’s sensitive identity data is stored.
  • A digital ledger in which digital transactions are recorded chronologically and publicly.
  • Securely managing customer identity and profile data, and controlling customer access to applications and services.
  • The means of linking a person's electronic identity and attributes, stored across multiple distinct identity management systems.
  • A legal framework that sets guidelines for the collection and processing of personal information of individuals within the EU.
  • The policy-based centralized orchestration of user identity management and access control.
  • An authentication infrastructure that is built, hosted and managed by a third-party service provider.
  • A security system that requires more than one method of authentication from independent categories of credentials to verify the user's identity for a login or other transaction.
  • A global provider of innovative and affordable identity access management solutions. 
  • Managing and auditing account and data access by privileged users.
  • Tools and technologies for controlling user access to critical information within an organization.
  • An authentication process that allows a user to access multiple applications with one set of login credentials.