Onegini Identity Cloud Documentation
The documentation on this page refers to the single-tenant version of the Onegini Identity Cloud platform.
Getting started
Onegini Single Tenant Platform Architecture
Mobile identity & Access
Create a mobile application with easy to use authentication. The platform allows your customers to interact with your company data while we keep all communication secure. Developers can just focus on building a functional app.
- Manage devices able to communicate with your data services.
- Control active app versions and force end-users to upgrade.
- Prevent malicious apps from accessing data.
- Set authentication options like PIN, Fingerprint, Eyeprint.
- Face Recognition and more.
Identity & SSO
Identity management is becoming increasingly important for any financial services provider operating online. After all, your clients have come to expect secure online services, accessible at any time, from anywhere in the world. To ensure that you can deliver a truly secure product and minimize the risk of fraud, especially when dealing with highly sensitive content like financial information, you must know exactly who you are dealing with at all times. With online risks becoming ever more complex, a simple online user account is no longer enough.
- Easy onboarding of new and existing customers
- Single Sign-On
- Self service
- Empower your helpdesk, focus on what counts
- User delegated management
Core Concepts
Don’t trust the device
Everything that the end-user performs on his device is not trusted, unless it’s verified in some sort of way at a back-end (which is not under control of the end-user). This is the reason why the MSP solution has a server component. Essentially this system enforces the authentication policy on the mobile application and is capable of detecting and administering anomalies.
Keep It Simple and Secure
Back in 1960, Aircraft engineer Kelly Johnson introduced the design principle KISS (Keep It Simple Stupid) at the U.S. Navy. A great principle, but stupid is not secure. That’s why we’re bending the original acronym a little bit by saying Keep It Simple and Secure. We’d like to think that you don’t choose between security and ease of use. You choose both.
Security from the ground up
Our security is like an onion on all levels of the app or for all kinds of attacks we provide the right security measures. Tampering detection, Jailbreak/Root detection, Debug detection, Payload encryption (double encryption; application layer encryption on top of TLS/HTTPS).
Empower the end user
Mobile apps should be personalized. Your customers want to have an overview of their products and services, regardless of the channel they are using. Your customers can log in and access their personal information in a consistent and user-friendly way.
Keep your favourite tools
A security framework should not force you into a completely different way of building apps. You want to build your apps the way you like it.