Ensure smooth administration by setting up access rules
To ensure compliance with rules and regulations and minimize manual administration, authorization of users can be based on Access rules in Digital Access. Access rules is a way to formalize and enforce the company policies, by specifying detailed requirements for users to access resources and single sign-on domains, based on for example:
- authentication method
- group membership
- client device
- geographical location and network
- date and time
Allow for single sign-on or identity federation
Smart ID Digital Access helps end users to simply access all their local or remote resources with just one login, by using single sign-on and identity federation.
Single sign-on in Digital Access (SSO) permits users to enter their credentials once, which then gives them access to several resources without the need to re-authenticate later on. Smart ID Digital Access supports several SSO mechanisms, including web-based applications, cloud applications or through an access client.
Identity federation is an agreement that can be made between multiple service providers to let users get access to all services with the same identification data. Smart ID Digital Access supports federation technologies such as SAML 2.0, OpenID Connect federation in Digital Access component and OAuth 2.0. Digital Access can act as an identity provider or connect to other identity providers, depending on the use case.
Make administration easy with self-service
Any administration or configuration changes for example of users, resources, authentication methods and access rules in Digital Access, is done via the web-based administration interface.
Users can also use the built-in self-service portal to change or reset passwords or provision their own mobile identities with the Smart ID Mobile App. In combination with the Smart ID Digital ID solution, more self-service functionality is provided.
Combine with other Smart ID solutions
Nexus' Digital access is a set of processes for how to grant and manage secure access to different users into the right digital resources. It can be combined with other Smart ID Workforce modules modules for a complete security solution, including acting as an identity provider against Nexus' services or external services.
Specification
- Supports identity federation via the protocols SAML, OpenID Connect and OAuth2
- Supports OATH one-time passwords
- Supports RADIUS clients and servers
- Connects with public eIDs, such as Swedish BankID, Freja eID and Norwegian BankID
- Offers a webservice API for authentication and user management, as well as for configuration
For more information, see Digital Access component requirements and interoperability.