Header cover image

Indigo OpenConnect

At the intersection of consumer, mobile and social identities

Product Overview

The proliferation of smart mobile devices and the rapid adoption of the social web are the two most significant and "game-changing" developments of recent times. Many companies have rushed to adopt the mobile platform and social media to better serve their customers.

As a result of the rapid pace of these developments, and the lack of products and tools, IT has overlooked the area of Identity and Access management for the mobile and social space. For instance, for companies that have multiple mobile applications, it is common that there is no Single Sign-On between them, requiring each application to handle authentication, authorization and token management independently.

In a similar vein, companies have not been able to leverage their customer's social identities in a consistent manner both for the web and the mobile platform. Indigo's OpenConnect addresses these issues with a standards based highly scalable platform that allows companies to provide consistent Mobile Access Management and social identity integration for both mobile and web applications.

Mobile Access Management

Mobile Authentication

Provides both a native shared client application for iOS and Android platforms and a web based application to present a common login interface with consistent and configurable forgotten password flows and device lockout policies.

Social Login (Bring Your Own Identity)

OpenConnect allows customers to sign in and register using their social identities from providers like Facebook and Twitter. With a stepped authentication approach companies can allow access only to non critical data with Social Login and enforce that the customer steps-up to credential authentication to gain access to critical areas.

Mobile Single Sign On (SSO)

OpenConnect provides single sign on capabilities which allows SSO between native applications and also between native and web applications. OpenConnect's extensions for web SSO products like OpenSSO, OpenAM, OAM allows easy integration with existing web access management deployments.

Security

When using the common native login service on the Android platform, sensitive information can only be accessed by this service and only be accessed by native client applications that have been signed by known certificates. Likewise on the iOS platform, sensitive data is stored in a Keychain only accessible by a restricted pre defined set of applications using a shared bundle ID.

Social Identity Integration

OpenConnect allows web and mobile customers to login using their Social Identities (Facebook, Yahoo, Twitter or Google) and optionally federate with local identities. Use APIs like FB Social Graph API consistently.

Comprehensive Standards Supported

OpenConnect provides comprehensive support for current social identity standards, including OpenID Connect 1.0 & OAuth 2.0. It deploys fully functional OpenID Provider (OP) and Relying Party (RP) implementations.

Mobile and Web

Social logins can be used by both the web and mobile platform. On the web, OpenConnect provides extensions for many of the existing Web Single Sign On products like OpenSSO to create authenticated sessions based on the social identities.

Key Features and Benefits

Key Features

  • Mobile User Authentication
  • Mobile SSO for native and web applications
  • Support for native, web and hybrid clients
  • Native login applications for iOS and Android
  • Secure devices, users and applications independently
  • Configurable and consistent IAM features
  • Integration with risk engines like OAAM
  • Out of the box integration with various web SSO platforms
  • Use Social Identities for login and registration
  • Optionally federate social identities with local ones
  • Built to handle the scale of consumer identities
  • Supports multi-sited multiserver deployments out of the box

Key Benefits

  • Enhanced user experience with SSO
  • Greater customer uptake with Social Registration and Login
  • Enhanced security
  • Consistent authentication experience
  • Consistent authentication policies
  • Leverage existing IAM infrastructure
  • Reduced development and maintenance costs

Specifications

  • Full support for OpenID Connect 1.0
  • Full support for OAuth 2.0
  • Requires standard servlet 2.5 web container for deployment
  • Supports standard LDAP v3 compliant Directory servers for User and internal repository
  • Supports external caching mechanisms like Coherence