register for 2024
May 28-31, 2024 | Aria Resort & Casino, Las Vegas, NV
register for 2024
Identiverse 2023 • Session
Journey to Integrating Custom Applications to MFA
Deployments and Leading Practices
Back to Main Agenda
Ironwood 3
10:15 am - 10:40 am
Security Delivery Manager
Session Abstract: Using username and password for authentication is insecure. Zero trust guidance says to use multifactor authentication (MFA). However, not all MFA is equal. Only phishing-resistant MFA provides strong protection against sophisticated attacks. Therefore, our task was to move applications from current username/password to a phishing-resistant MFA. In this session we will go over that journey of integrating custom application(s) for MFA with an identity provider. The customer environment has a working IDP that supports all the modern authentication protocols: SAML, OAuth, OpenID Connect, and WS-Fed. However, the challenge came from custom applications that did not natively support any of these modern authentication protocols. Secondly the developers were not keen on writing any new code for authentication since the development team was primarily focused on application functional programming. Thirdly, the developers were not familiar with either SAML, or OAuth and OpenID protocols. And finally, time was a constraint to deliver a working solution, hence writing new code by developers for authentication modules was not an option. Our IAM team took over the responsibility of a system integrator to integrate this custom application with the IDP using SAML protocol. This presentation will show each step in that journey.
Follow us on
identity everywhere
Stay informed on the latest event updates
Identiverse: The Identity Universe
hosted by CyberRisk Alliance
register now