- 24 Nov 2023
- 2 Minutes to read
- Print
- DarkLight
Login and Authentication
- Updated on 24 Nov 2023
- 2 Minutes to read
- Print
- DarkLight
Secure, Versatile, Enterprise-Ready
Agile.Now, a cutting-edge identity platform, offers versatile login and authentication options designed to meet diverse security needs and compliance standards. Whether it's for an individual, SMB, or large enterprise, Agile.Now’s authentication services are built with the best practices to ensure seamless user experience and robust security.
Versatile Authentication Methods
Agile.Now supports a variety of authentication methods to cater to different user preferences and security requirements:
- Password (PWD): Traditional yet effective, password authentication is widely used and supported.
- One-time password (PIN): One-time password (OTP): a secure, single-use code for enhanced authentication and data protection.
- Multi-Factor Authentication (MFA): An additional layer of security that requires two or more verification methods, enhancing protection against unauthorized access.
- Single Sign-On (SSO): Streamlines the user experience by enabling access to multiple applications with a single set of credentials.
- OpenID Connect (OIDC): An identity layer built on top of OAuth 2.0, providing identity verification and basic profile information retrieval in a secure, RESTful manner.
OAuth 2.0 and OpenID Connect Standard Compliance
Agile.Now adheres to the OAuth 2.0 standard, a widely accepted protocol for secure and authorized API access, and incorporates OpenID Connect (OIDC) for identity assurance. OAuth 2.0 enables clients to access protected resources by obtaining an access token, which is used to authenticate requests. OIDC adds an authentication layer, allowing users to also obtain an ID token, which contains user profile information and serves as proof of the user's identity.
Secure AuthToken Cookie
Upon user login, Agile.Now automatically adds a secure AuthToken cookie to the user's session. This token is a key feature, enabling authenticated access to REST services and other resources, ensuring secure and seamless interaction between services.
Token Lifetimes
- Access Token: Agile.Now issues access tokens with a lifetime of 60 minutes. After expiration, users need to refresh the token to continue accessing protected resources.
- ID Token (OpenID Connect): The ID token's lifetime aligns with the access token, expiring in 60 minutes. This token contains claims about the authenticated user session.
- Refresh Token: With a generous validity of 90 days, refresh tokens allow users to obtain new access tokens and ID tokens, ensuring uninterrupted access.
Enterprise-Ready and Best Practices
Agile.Now is engineered with enterprises in mind. The platform follows industry best practices and is constantly updated to stay ahead of evolving security standards and compliance requirements. Whether you’re a startup or a global corporation, Agile.Now provides a scalable and reliable solution for all your authentication needs.
Conclusion
Agile.Now’s login and authentication services are a testament to its commitment to security and versatility. With support for various authentication methods, compliance with OAuth 2.0 and OpenID Connect, secure token handling, and adherence to best practices, Agile.Now stands as an enterprise-ready identity platform for organizations of all sizes.