Airlock IAM 7.1

Airlock IAM 7.1

Airlock IAM 7.1 is a general availability Release with long term support and it provides many new features.

The release focus is on the implementation of the Payment Services Directive (PSD2) for the German and French speaking market and on a new, structured reporting solution, which supports the use of SIEM systems more easily. In addition, the existing REST interfaces are extended to make flows even more powerful and flexible. The „Login REST UI“ additionally provides a modern login web application based on the REST API.

Dynamic Client Registration is a new feature in IAM 7.1 that optimizes operating costs for PSD2 because Trusted Third Parties can automatically register themselves based on OAuth standards. For the users of Docker as an operating environment, improvements have been implemented to reduce the docker image resource requirements and to make integration with Docker even more seamless and easier.






For PSD2, IAM was extended to support both the implementation for NextGen PSD2 (Berlin Group) and the implementation of the PSD2 variant of STET. The functional scope includes the dynamic registration of technical clients and the enforcement of roles and consents for access to the exposed PSD2 API.  IAM has also been extended to support remote consents in addition to local consents. Using remote consent, the bank can finely granular obtain and enforce the consent of the bank's customers.


IAM 7.1 offers a new, optional reporting component. For the implementation, great value was placed on backward compatibility and customers can run the current logging solution in parallel with the new reporting.

The optional reporting component includes the following functionality:

  • New reporting messages that are optimized for creating dashboards on authentication and the use of authentication factors.
  • All log and reporting messages are JSON structured and all semantically equivalent attributes are used identically for IAM and WAF.
  • Built-in support for Elasticsearch and Kibana incl. ES index templates and Kibana dashboards.


The extension of the REST interfaces for the Loginapp have been continued and the following functional extensions have been implemented:

  • Password Reset is now available as flow
  • Selection of the authentication flow based on the forward location
  • Role dependent conditions can be used in aurthentication flows.
  • Enhancements in self registration
    • Several different self registration flows can be offered.
    • Consent to terms of services may be requested within the scope of the flow.

Dynamic Client Registration for OAuth 2.0

Dynamic Client Registration can now also be used as part of the Authorization Server for OAuth 2.0, so that clients can register themselves via a new REST interface. The REST endpoint can be protected by client certificate authentication so that only authorized parties can register new clients. 

For NextGen PSD2, Dynamic Client Registration has been implemented so that a previously unknown client is registered on-the-fly and no separate REST endpoint has to be used. This registration requires that a trusted X.509 certificate be used by the client.

For the administration of dynamically registered clients an administrative REST API is offered as part of the admin application. 





Docker improvements

Support for Docker Deployments is constantly being improved. With IAM 7.1 the Docker Images of IAM are also available for download at Docker Hub. To improve the integration in Docker IAM offers a health check endpoint and also the logging integration is now realized by default via stdout. Another improvement is the substantial reduction of space needed by IAM containers.

Further innovations

Beside the mentioned new functions many extensions and improvements have been implemented. E.g.:

  • Transaction approval for Kobil TMS and matrix cards
  • Content Security Policy (CSP) for Loginapp HTML
  • OpenAPI specification for IAM including WAF templates
  • Performance optimization in Active Directory usage
  • Login REST UI - modern login web application based on REST API


Did we strike your chords?

Information for you

-Our whitepapers-

Zero Trust is a journey

The digital transformation of the world continues to progress, and it is profoundly affecting private life and job profiles in a manner that was hard to imagine just a few years ago.

This whitepaper covers the effects of continuous digitization and its implications.

Request free of charge

Toward DevSecOps

In this whitepaper, you will learn the most important insights into how you can successfully and efficiently implement DevSecOps, which security components are required for this, and what benefits a microgateway architecture brings.

Request free of charge

Airlock 2FA - Strong Authentication. Easy.

The two-factor authentication in the area of IT security offers double the security.

Find out more about strong authentication and the possibilities that Airlock offers in our whitepaper.

Request free of charge

Further whitepapers

We provide whitepapers on these and other topics free of charge:

  • successful IAM projects
  • Compliance
  • Data protection (GDPR)
  • Introduction of PSD2
  • PCI DSS requirements
Request free of charge