Identity Management
Identity Management, IDaaS, iWelcome

Connect and Protect

Applications can be anywhere. Hosted in your own IT infrastructure, in your business partner’s datacenter, or in the Cloud. Used by your employees from within your own network. Or by your mobile workforce on the road. By your business partners who need to access your supply chain management application. Or a potential customer, who you want to give access to public information but at the same time try to establish a relationship with. iWelcome provides a premium platform to connect identities and protect your data.

Doelgroepen

The IDaaS platform for the enterprise

We provide Identity and Access Management as a service. A full set of functionality, offered from the cloud to cater for all sorts of different use cases. Whether dealing with the access rights of internal employees, or the identity platform for your customer facing applications that store millions of users and their profile information.

Features for idaas

Provisoning

iWelcome provides a role based provisioning capability to automate the provisiong and deprovisioning of user accounts, groups and group memberships to on-premise and cloud applications. This way the complete user life cycle (sometimes refered to as “Joiner, Mover, Leaver process”) is facilitated by iWelcome.

Features
  • Automated provisioning process driven from an HR system.
  • Provision user, groups, roles and authorisations.
  • Support for role based access.
  • Support for self-service access requests.
  • Delegated administration.
  • Workflow approval, notification and escalation.
Support
  • Out-of-the-box support for most major enterprise and cloud applications.
  • Integration with on-premise Active Directory infrastructure.
  • Integration with on-premise Identity management systems.
  • Custom connectors.

 

Smart Authentication

Strong Authentication prevents unauthorised users from getting access to your companies resources. Therefore iWelcome provides multiple authentication methods for secure, multifactor authentication. But secure is not always user friendly. So that’s why iWelcome offers smart authentication: everytime the user is authenticated in a secure, but user friendly way, applicable to that specific situation. Depending on the context, a users role and the application being accessed (amongst other things).

Features
  • Smart Authentication.
  • Multi-factor Authentication.
  • Context based Authentication
  • Risk based Authentication
  • One-time password Authentication.
  • Step-up Authentication.
  • Windows Authentication.
  • iWelcome Auhenticator app.
Support
  • Microsoft (Active Directory, Kerberos).
  • 3rd party authenticator apps.
  • 3rd party access management solutions.
  • 3rd party 2FA solutions.
  • Protocols: LDAPv3, JDBC, Radius, Kerberos, OTP, HOTP, TOTP, X.509.
  • Token support: OAuth 2.0,  OpenID-connect 1.0, SAML2.0 (and 1.x) and WS-Federation.

Single Sign-On (SSO)

Thousands of applications supported. Many users struggle with the large amount of usernames and passwords they have to remember. This makes them choose easy passwords, which they probably still write down (on those yellow sticky notes). With iWelcome users only have one account name. They log in once, and get seamless access to all their applications and websites. We will make sure the password is safe and provide self-service capability to change the password or reset it in case someone forgets. And if a users’ access needs to be revoked, you only need to do that once.

Features

  • Single Sign-On.
  • Single Log Off.
  • Session management.
  • Tightly integrated with your Windows network: Desktop SSO (Kerberos).
Support
  • Support for thousands of applications.
  • SAML1.0, SAML2.x
  • OAuth2.0
  • OpenID-Connect
  • WS-Federation.
  • Identity gateway: SSO for web-application without SSO capability.

 

Federation

We provide federated Single Sign-On (SSO) capabilities. Whether it’s a company who wants to provide it’s business partners or customers with secure access to the companies hosted applications, or universities who have people working together in virtual teams who need access to a number of cloud and on premise applications – we provide the functionality needed to support people working together.

Features
  • Identity provider support.
  • Service provider support.
  • Identity proxy support.
  • Just-in-time provisioning.
  • Protocol translation.
  • Smart matching algorithms.
  • Attribute mapping.
  • Support for SURFconext, Kennisnet
Support
  • SAML 2.x, 1.1.
  • OAuth 2.0.
  • OpenID Connect-1.0.
  • JWT.
  • WS-Federation.

Delegated Administration

The IT department spends a lot of time make sure people get the right access for their job. But who do they know? Why do they decide how has access to what information? We provide delegated administration functionality so you can push this resposibility to where it belongs: outside of the IT department. To your users and line management themselves.

Functionality
  • Delegated Administration.
  • Guest accounts.
  • Temporary user accounts.
  • (self-service) Access requests.
Support
  • Integration with 3rd party access governance solutions.
  • Integration with 3rd party workflow solutions.
  • Integration with 3rd party helpdesk applications.

Access Governance

You need to be in control of your user access. You need to be able to tell who has access to what resources, and why. We provide a robust set of processes, controls and reports to help you do this. To help you achieve access compliance. Roles can be used to model your user’s access and authorizations optimizing the way you manage, control and govern access.

Features
  • Role based access control (RBAC).
  • Attribute based access control (ABAC).
  • Context based access control.
  • Context based / Risk based access control.
  • Reporting.
  • Access review.
  • Attestation.
  • Staging.

Identity Intelligence

Not all access can be modeled and managed automatically. You can try to make everything as secure as possible, and implement very strong access policies and deny access per default. Or you can accept you can’t control everything, educate your employees, and keep an eye on things. Identify risk, detect misuse and fix compliance issues. We provide Identity intelligence functionality to provide insight into your identity data and focus your efforts identity and access management efforts.

Features
  • Reports.
  • Configurable Dashboards.
  • Restful-API.
Support
  • Integration with 3rd-party IAM tools.
  • Integration with 3rd-party BI tools.
  • Integration with 3rd-party GRC tools.

Multi Branding

Branding contributes to a consistent user experience in which consumers feel comfortable and recognize the brand. Branding allows customers to closely align the iWelcome screens with B2C-websites or webshops, so consumers will not notice they are navigating from a webshop-page to an iWelcome page for identity management; instead the consumer will experience the combination of website and IDaaS as ‘one’. iWelcome support companies like USG People with their brands Start People, Unique and Secretary Plus. And PON with brands like Skoda, VW and Audi.

Features
  • Out-of-the-box look & feel themes to get you started.
  • Themes are fully customisable.
  • Different theme can be applied per customer segments.
  • All text (on screen and in messages) can also be customised.
  • Multi-language support.
  • Custom themes can developed and applied for complete flexibility.

 

Self-Service

We provide extensive self-service capabilities to fully empower your users to manage their own access.

Features
  • User registration flows.
  • Account activation flows.
  • Password reset flows (security questions, one-time password, password-reset link).
  • Edit identity and profile information.
  • Change passwords accross all connected applications.
  • Link and unlink social accounts.
  • Create and manage (2FA) tokens.
  • Access requests.

 

Service Desk

The Service Desk application is tailored made for service desk operators. It provides the service desk team with all the fuctionality they need to effectively help their customers with any access related issue they might have.

Features
  • Quickly search users.
  • View and edit all identity related information.
  • User timeline showing all relevant identity related events.
  • Overview of service disruption to troubleshoot issues.

 

Role based Access Control can be used to fine tune the actions the operators can perform.

 

Reports

iWelcome provides out-of-the-box reports. These reports help gain insight in your user population, the usage of iWelcome and all connected applications and services. But also on non-functional items like security and availability.

Features

Following is an example of our reporting capability related to account information:

  • Accounts created, updated, deleted.
  • Password changes, resets.
  • Accounts disabled, created.
  • Accounts details for a specific user.
  • List of all accounts in iWelcome.
  • List of accounts with a specific role.
  • List of accounts provisioned to a specific application.
  • Failed and succesful login attempts.
  • Application usage.

API’s

iWelcome provides a full featured restful API. This way customers can integrate their own solutions with iWelcome.

Features
  • Authentication API:  authenticate users using any of the supported authentication methods (more). Also provides support for step-up authentication.
  • Session management API: create new sessions, check for existing sessions, and destroy or extend them.
  • Inbound provisioning via SCIM API:  create, update and delete users and groups. The API (based on the SCIM specification) provides support for all CRUD operations. The SCIM object model and core schema are fully supported. This schema can be extended so that custom attributes can be defined by the customer. Field validation and verification is supported and configurable, where the default functionality can be extended with custom validation plugins.
  • Event API: query the event log and import events in 3rd BI and report tooling.
Support
  • OAuth2.0.
  • Basic authentication.
  • x509 client certificates.
  • IP-filtering.

 

Cloud Directory

iWelcome provides a Cloud Directory. It stores user and group information in a secure and high performant identity store. The cloud directory is a key component of the iWelcome platform and exposed via the self-service, user management admin and service desk UI. Furthermore there is support for inbound provisioning using the SCIM API and user synchronisation using the iWelcome provisioning engine.

The cloud directory is fully configurable to the customers need. The basic identity and profile information stored can be extended with custom attributes, including validation and verification.

Consumers

Omnichannel and Digital transformation are key words in today’s businesses. Identity Management is a pre-requisite for these customer facing services, however traditional IAM does not suffice. iWelcome’s Customer Identity & Access Management (CIAM) Platform provides all the capabilities to acquire and interact with customers across all devices during all the phases of a customer’s life cycle. iWelcome improves registration rates and user experiences and directly fuels top line growth. Proof is delivered on a daily basis for millions of consumers in all kinds of industries: healthcare, media, publishing, retail and logistic services.

Features for consumers

Multi Branding

Branding contributes to a consistent user experience in which consumers feel comfortable and recognize the brand. Branding allows customers to closely align the iWelcome screens with B2C-websites or webshops, so consumers will not notice they are navigating from a webshop-page to an iWelcome page for identity management; instead the consumer will experience the combination of website and IDaaS as ‘one’. iWelcome support companies like USG People with their brands Start People, Unique and Secretary Plus. And PON with brands like Skoda, VW and Audi.

Features
  • Out-of-the-box look & feel themes to get you started.
  • Themes are fully customisable.
  • Different theme can be applied per customer segments.
  • All text (on screen and in messages) can also be customised.
  • Multi-language support.
  • Custom themes can developed and applied for complete flexibility.

 

API’s

iWelcome provides a full featured restful API. This way customers can integrate their own solutions with iWelcome.

Features
  • Authentication API:  authenticate users using any of the supported authentication methods (more). Also provides support for step-up authentication.
  • Session management API: create new sessions, check for existing sessions, and destroy or extend them.
  • Inbound provisioning via SCIM API:  create, update and delete users and groups. The API (based on the SCIM specification) provides support for all CRUD operations. The SCIM object model and core schema are fully supported. This schema can be extended so that custom attributes can be defined by the customer. Field validation and verification is supported and configurable, where the default functionality can be extended with custom validation plugins.
  • Event API: query the event log and import events in 3rd BI and report tooling.
Support
  • OAuth2.0.
  • Basic authentication.
  • x509 client certificates.
  • IP-filtering.

 

Self-Service

We provide extensive self-service capabilities to fully empower your users to manage their own access.

Features
  • User registration flows.
  • Account activation flows.
  • Password reset flows (security questions, one-time password, password-reset link).
  • Edit identity and profile information.
  • Change passwords accross all connected applications.
  • Link and unlink social accounts.
  • Create and manage (2FA) tokens.
  • Access requests.

 

Service Desk

The Service Desk application is tailored made for service desk operators. It provides the service desk team with all the fuctionality they need to effectively help their customers with any access related issue they might have.

Features
  • Quickly search users.
  • View and edit all identity related information.
  • User timeline showing all relevant identity related events.
  • Overview of service disruption to troubleshoot issues.

 

Role based Access Control can be used to fine tune the actions the operators can perform.

 

Single Sign-On (SSO)

Thousands of applications supported. Many users struggle with the large amount of usernames and passwords they have to remember. This makes them choose easy passwords, which they probably still write down (on those yellow sticky notes). With iWelcome users only have one account name. They log in once, and get seamless access to all their applications and websites. We will make sure the password is safe and provide self-service capability to change the password or reset it in case someone forgets. And if a users’ access needs to be revoked, you only need to do that once.

Features

  • Single Sign-On.
  • Single Log Off.
  • Session management.
  • Tightly integrated with your Windows network: Desktop SSO (Kerberos).
Support
  • Support for thousands of applications.
  • SAML1.0, SAML2.x
  • OAuth2.0
  • OpenID-Connect
  • WS-Federation.
  • Identity gateway: SSO for web-application without SSO capability.

 

Smart Authentication

Strong Authentication prevents unauthorised users from getting access to your companies resources. Therefore iWelcome provides multiple authentication methods for secure, multifactor authentication. But secure is not always user friendly. So that’s why iWelcome offers smart authentication: everytime the user is authenticated in a secure, but user friendly way, applicable to that specific situation. Depending on the context, a users role and the application being accessed (amongst other things).

Features
  • Smart Authentication.
  • Multi-factor Authentication.
  • Context based Authentication
  • Risk based Authentication
  • One-time password Authentication.
  • Step-up Authentication.
  • Windows Authentication.
  • iWelcome Auhenticator app.
Support
  • Microsoft (Active Directory, Kerberos).
  • 3rd party authenticator apps.
  • 3rd party access management solutions.
  • 3rd party 2FA solutions.
  • Protocols: LDAPv3, JDBC, Radius, Kerberos, OTP, HOTP, TOTP, X.509.
  • Token support: OAuth 2.0,  OpenID-connect 1.0, SAML2.0 (and 1.x) and WS-Federation.

Identity Intelligence

Not all access can be modeled and managed automatically. You can try to make everything as secure as possible, and implement very strong access policies and deny access per default. Or you can accept you can’t control everything, educate your employees, and keep an eye on things. Identify risk, detect misuse and fix compliance issues. We provide Identity intelligence functionality to provide insight into your identity data and focus your efforts identity and access management efforts.

Features
  • Reports.
  • Configurable Dashboards.
  • Restful-API.
Support
  • Integration with 3rd-party IAM tools.
  • Integration with 3rd-party BI tools.
  • Integration with 3rd-party GRC tools.

Reports

iWelcome provides out-of-the-box reports. These reports help gain insight in your user population, the usage of iWelcome and all connected applications and services. But also on non-functional items like security and availability.

Features

Following is an example of our reporting capability related to account information:

  • Accounts created, updated, deleted.
  • Password changes, resets.
  • Accounts disabled, created.
  • Accounts details for a specific user.
  • List of all accounts in iWelcome.
  • List of accounts with a specific role.
  • List of accounts provisioned to a specific application.
  • Failed and succesful login attempts.
  • Application usage.

Provisoning

iWelcome provides a role based provisioning capability to automate the provisiong and deprovisioning of user accounts, groups and group memberships to on-premise and cloud applications. This way the complete user life cycle (sometimes refered to as “Joiner, Mover, Leaver process”) is facilitated by iWelcome.

Features
  • Automated provisioning process driven from an HR system.
  • Provision user, groups, roles and authorisations.
  • Support for role based access.
  • Support for self-service access requests.
  • Delegated administration.
  • Workflow approval, notification and escalation.
Support
  • Out-of-the-box support for most major enterprise and cloud applications.
  • Integration with on-premise Active Directory infrastructure.
  • Integration with on-premise Identity management systems.
  • Custom connectors.

 

Cloud Directory

iWelcome provides a Cloud Directory. It stores user and group information in a secure and high performant identity store. The cloud directory is a key component of the iWelcome platform and exposed via the self-service, user management admin and service desk UI. Furthermore there is support for inbound provisioning using the SCIM API and user synchronisation using the iWelcome provisioning engine.

The cloud directory is fully configurable to the customers need. The basic identity and profile information stored can be extended with custom attributes, including validation and verification.

Employees

Organisations are challenged to provide access to employees in a constantly changing world. Employees are mobile. The number of co-workers increase. Applications are on-premise and in the cloud. New eHRM and eLearning services are being introduced. Devices are no longer controlled by the company and are by default mobile. Two factor authentication has become mainstream. Single Sign-On and self-service are demanded by end-users. iWelcome’s IDaaS platform is designed for this constantly changing world. 

With our IAM platform we offer a cost effective cloud based identity management infrastructure which can be integrated with your on-premise IAM functionality too.

Get in better control of Shadow IT while reducing the number of passwords and being compliance. We provide a full featured Identity and Access management capability to implement access management for all of your applications and provide SSO to all of your employees. Your users will then have only one password to remember and Single Sign-On access to all their applications. They are also provided with self-service functionality to view and manage their identity information, change or reset their password and request additional access.

Features for employees

Smart Authentication

Strong Authentication prevents unauthorised users from getting access to your companies resources. Therefore iWelcome provides multiple authentication methods for secure, multifactor authentication. But secure is not always user friendly. So that’s why iWelcome offers smart authentication: everytime the user is authenticated in a secure, but user friendly way, applicable to that specific situation. Depending on the context, a users role and the application being accessed (amongst other things).

Features
  • Smart Authentication.
  • Multi-factor Authentication.
  • Context based Authentication
  • Risk based Authentication
  • One-time password Authentication.
  • Step-up Authentication.
  • Windows Authentication.
  • iWelcome Auhenticator app.
Support
  • Microsoft (Active Directory, Kerberos).
  • 3rd party authenticator apps.
  • 3rd party access management solutions.
  • 3rd party 2FA solutions.
  • Protocols: LDAPv3, JDBC, Radius, Kerberos, OTP, HOTP, TOTP, X.509.
  • Token support: OAuth 2.0,  OpenID-connect 1.0, SAML2.0 (and 1.x) and WS-Federation.

Single Sign-On (SSO)

Thousands of applications supported. Many users struggle with the large amount of usernames and passwords they have to remember. This makes them choose easy passwords, which they probably still write down (on those yellow sticky notes). With iWelcome users only have one account name. They log in once, and get seamless access to all their applications and websites. We will make sure the password is safe and provide self-service capability to change the password or reset it in case someone forgets. And if a users’ access needs to be revoked, you only need to do that once.

Features

  • Single Sign-On.
  • Single Log Off.
  • Session management.
  • Tightly integrated with your Windows network: Desktop SSO (Kerberos).
Support
  • Support for thousands of applications.
  • SAML1.0, SAML2.x
  • OAuth2.0
  • OpenID-Connect
  • WS-Federation.
  • Identity gateway: SSO for web-application without SSO capability.

 

Access Governance

You need to be in control of your user access. You need to be able to tell who has access to what resources, and why. We provide a robust set of processes, controls and reports to help you do this. To help you achieve access compliance. Roles can be used to model your user’s access and authorizations optimizing the way you manage, control and govern access.

Features
  • Role based access control (RBAC).
  • Attribute based access control (ABAC).
  • Context based access control.
  • Context based / Risk based access control.
  • Reporting.
  • Access review.
  • Attestation.
  • Staging.

Delegated Administration

The IT department spends a lot of time make sure people get the right access for their job. But who do they know? Why do they decide how has access to what information? We provide delegated administration functionality so you can push this resposibility to where it belongs: outside of the IT department. To your users and line management themselves.

Functionality
  • Delegated Administration.
  • Guest accounts.
  • Temporary user accounts.
  • (self-service) Access requests.
Support
  • Integration with 3rd party access governance solutions.
  • Integration with 3rd party workflow solutions.
  • Integration with 3rd party helpdesk applications.

Federation

We provide federated Single Sign-On (SSO) capabilities. Whether it’s a company who wants to provide it’s business partners or customers with secure access to the companies hosted applications, or universities who have people working together in virtual teams who need access to a number of cloud and on premise applications – we provide the functionality needed to support people working together.

Features
  • Identity provider support.
  • Service provider support.
  • Identity proxy support.
  • Just-in-time provisioning.
  • Protocol translation.
  • Smart matching algorithms.
  • Attribute mapping.
  • Support for SURFconext, Kennisnet
Support
  • SAML 2.x, 1.1.
  • OAuth 2.0.
  • OpenID Connect-1.0.
  • JWT.
  • WS-Federation.

Provisoning

iWelcome provides a role based provisioning capability to automate the provisiong and deprovisioning of user accounts, groups and group memberships to on-premise and cloud applications. This way the complete user life cycle (sometimes refered to as “Joiner, Mover, Leaver process”) is facilitated by iWelcome.

Features
  • Automated provisioning process driven from an HR system.
  • Provision user, groups, roles and authorisations.
  • Support for role based access.
  • Support for self-service access requests.
  • Delegated administration.
  • Workflow approval, notification and escalation.
Support
  • Out-of-the-box support for most major enterprise and cloud applications.
  • Integration with on-premise Active Directory infrastructure.
  • Integration with on-premise Identity management systems.
  • Custom connectors.

 

Self-Service

We provide extensive self-service capabilities to fully empower your users to manage their own access.

Features
  • User registration flows.
  • Account activation flows.
  • Password reset flows (security questions, one-time password, password-reset link).
  • Edit identity and profile information.
  • Change passwords accross all connected applications.
  • Link and unlink social accounts.
  • Create and manage (2FA) tokens.
  • Access requests.

 

Cloud Directory

iWelcome provides a Cloud Directory. It stores user and group information in a secure and high performant identity store. The cloud directory is a key component of the iWelcome platform and exposed via the self-service, user management admin and service desk UI. Furthermore there is support for inbound provisioning using the SCIM API and user synchronisation using the iWelcome provisioning engine.

The cloud directory is fully configurable to the customers need. The basic identity and profile information stored can be extended with custom attributes, including validation and verification.

Business

A single identity makes customer portals work. Identity is the glue for providing functionalities in multiple applications, offered in customer portals. At the same time one central Identity and Access Management platform reduces the burden on administrators trying to keep identities, attributes and access rights in sync. Delegated management and federated access are key elements of the identity system for connecting businesses. Every business can rely on a trusted relationship and secure access.

Features for business

Smart Authentication

Strong Authentication prevents unauthorised users from getting access to your companies resources. Therefore iWelcome provides multiple authentication methods for secure, multifactor authentication. But secure is not always user friendly. So that’s why iWelcome offers smart authentication: everytime the user is authenticated in a secure, but user friendly way, applicable to that specific situation. Depending on the context, a users role and the application being accessed (amongst other things).

Features
  • Smart Authentication.
  • Multi-factor Authentication.
  • Context based Authentication
  • Risk based Authentication
  • One-time password Authentication.
  • Step-up Authentication.
  • Windows Authentication.
  • iWelcome Auhenticator app.
Support
  • Microsoft (Active Directory, Kerberos).
  • 3rd party authenticator apps.
  • 3rd party access management solutions.
  • 3rd party 2FA solutions.
  • Protocols: LDAPv3, JDBC, Radius, Kerberos, OTP, HOTP, TOTP, X.509.
  • Token support: OAuth 2.0,  OpenID-connect 1.0, SAML2.0 (and 1.x) and WS-Federation.

Single Sign-On (SSO)

Thousands of applications supported. Many users struggle with the large amount of usernames and passwords they have to remember. This makes them choose easy passwords, which they probably still write down (on those yellow sticky notes). With iWelcome users only have one account name. They log in once, and get seamless access to all their applications and websites. We will make sure the password is safe and provide self-service capability to change the password or reset it in case someone forgets. And if a users’ access needs to be revoked, you only need to do that once.

Features

  • Single Sign-On.
  • Single Log Off.
  • Session management.
  • Tightly integrated with your Windows network: Desktop SSO (Kerberos).
Support
  • Support for thousands of applications.
  • SAML1.0, SAML2.x
  • OAuth2.0
  • OpenID-Connect
  • WS-Federation.
  • Identity gateway: SSO for web-application without SSO capability.

 

eRecognition (Dutch: eHerkenning)

iWelcome handles over 70% of all eRecognition authentications eRecognition, launched in 2010 by the Dutch Ministry of Economic Affairs, enables businesses to arrange their affairs with government bodies electronically. iWelcome is accredited by the government to provide federated authentication and authorisation services to government authorities.  Further in Dutch….

Meer dan 70% eHerkenning authenticaties in Nederland

eHerkenning is een gestandaardiseerd inlogsysteem waarmee overheidsdiensten worden opengesteld voor zakelijke afnemers. Met eHerkenning hoeft u niet zelf een inlogsysteem te laten ontwikkelen en te beheren. Ook hoeft u zelf geen inlogmiddelen uit te geven. Beheer, doorontwikkeling en beveiliging worden voor u verzorgd. iWelcome biedt een gecertificeerde dienst, de iWelcome eHerkenningsmakelaar, waarmee overheidsorganisaties kunnen aansluiten op eHerkenning. Met de iWelcome eHerkenningsmakelaar wordt ruim 70% van al het eHerkenningsverkeer afgehandeld. Ministeries, Uitvoeringsorganisaties, Gemeenten en de Kamer van Koophandel maken gebruik van deze hoog betrouwbare service.

Overheidsorganisaties kunnen op basis van een vast bedrag per maand met minimale opstart kosten aansluiten. De Nederlandse overheid werkt aan de doorontwikkeling van eHerkenning, een standaard voor de toegang tot online dienstverlening waarbij ook burgers worden aangesloten. De nieuwe naam voor deze standaard is Idensys. iWelcome participeert in het Idensys programma.

Lees meer over eHerkenning of bekijk de video van Minister Kamp van het Ministerie van Economische Zaken. Voor meer informatie neem contact op met George.Groenenstein@iwelcome.com

eherkenning

Features for eherkenning

iWelcome heeft de RFC voor ondersteuning van Single Sign-On binnen eHerkenning geschreven. Deze RFC is sinds versie 1.7 onderdeel van eHerkenning. Activeren van SSO kan eenvoudig worden geconfigureerd waarna een toetredingsprocedure wordt doorlopen.

iWelcome levert lichtgewicht adapters voor de aansluiting van Diensten op eHerkenning.

Indien uw dienst niet beschikt over een standaardkoppelvlak, zoals gespecificeerd binnen eHerkenning is het aan te raden om deze standaard integratie adapters te gebruiken.

Momenteel zijn deze adapters beschikbaar voor het ASP.NET-platform en Java-omgevingen.

iWelcome zorgt ervoor dat de generieke adapter steeds wordt aangepast aan de laatste specificaties van eHerkenning.

Met een ketenmachtiging kunnen organisaties andere organisaties machtigen om namens hen een online dienst af te nemen met eHerkenning. Ketenmachtigingen zijn vooral praktisch voor organisaties die via een intermediair (een extern bureau) gebruik willen maken van bepaalde diensten die met eHerkenning toegankelijk zijn. De eerste versie van de Ketenmachtging is in 2012 door iWelcome ontwikkeld. Op basis van deze implementatie is het koppelvlak beschreven.

De iWelcome eHerkenningsmakelaar levert (gevalideerde) attributen door die bij de authenticatiedienst en/of machtigingenregister staan geregistreerd. Dit stelt de dienstverlener in staat om de klant meer persoonlijk te benaderen en voorkomt dat de klant dezelfde informatie tweemaal moet opvoeren. De eindgebruiker kan zelf bepalen of hij een attribuut meegeeft of niet. Bij het attribuut worden de bron en de datum waarop het attribuut voor het laatst is gecontroleerd meegeleverd bij eHerkenning.

Our facts and numbers

13

iWelcome datacenters ensuring data residency in 9 European Countries. With multi data center coverage in UK, Germany and Switserland.

60000

Employees accessing 250 applications 24×7 a day, at only 1 customer!

99.993

Service Availability May 2016! Decreased performance affecting 1 customer

73

Percentage of eHerkenning traffic handled by the iWelcome eHerkenning broker