Airlock IAM 7.4
Passwordless is coming!
Regardless of whether you are a security expert, an IT supporter, or a user: Even the thought of passwords gives many people a headache. Only an additional security factor like Airlock 2FA allows the CISO to sleep soundly.
How about if you could access all of your systems without any passwords? What if the passwordless login could be introduced in a short time without adapting the applications?
Airlock 2FA is often used without passwords. With FIDO, Airlock now supports another authentication method without passwords.
FIDO
The operating systems and browsers from Microsoft, Google, and Apple are ready. And Airlock IAM, too: FIDO is available as an additional authentication method.
Your advantages:
- Password-free login, optionally also without a username
- FIDO as the second factor
- Registration of a FIDO device by the end-user (during login or in the self-service portal)
- User administration / Helpdesk: Management of FIDO tokens
- Support of mobile and built-in FIDO authenticators
- IAM integration via Loginapp REST or UI
Either with Airlock 2FA or FIDO: Help us to get rid of passwords.
Go Passwordless Now!
Styling in no time
For an attractive and consistent customer experience, all IAM screens have to be perfectly adapted to your corporate design. This not only includes login pages but also applies to registration, password reset, and self-service pages.
The brand new Loginapp REST UI SDK helps the designer to quickly style and rearrange all GUI elements, and to see the changes live immediately. Labels, texts, and the behavior of the page can also be modified without having to redo everything for the next Airlock update.
Designers and frontend developers are many times faster with the SDK, because they are independent of a running IAM installation: Just jump to any page in a flash. See the result of a change within seconds. Easily simulate error states and warnings.
Decentralized User Administration
For large companies with multiple locations, it is more efficient to delegate user administration to decentralized organizational units. The same principle can be used for employees of partner companies (like external asset managers, brokers, suppliers, etc.).
For this purpose, users are divided into realms. A realm administrator only maintains the users in his realm, which corresponds to a branch or a region, for example. The super admins can still see all users and determine who belongs to which realm and who is allowed to administer them.
Further innovations
Browser tabs are popular because they are very useful. But what happens to the other tabs when I log out of a tab? Our solution is based on OpenID Connect Session Management, an open standard: As expected, all tabs belonging to the same single sign-on session are logged out - even across multiple domains.
The Loginapp REST UI and the corresponding APIs have been expanded significantly. The following functions benefit from the greater flexibility of the flow architecture:
- Extension of the password reset flow (self-service)
- Account unlock (self-service)
- Temporary locking (after failed login attempts)
- mTAN Token self-service management
- Airlock 2FA for approving user profile changes or a password reset
Comments
Airlock IAM 7.4 is a "Long Term Support" (LTS) release, which can be used until the end of 2022. If you are still using Airlock IAM 7.2 or older, we recommend updating to IAM 7.4 soon.
Webinar Airlock IAM 7.4
Recording of Airlock IAM 7.4 webinar