Digital applications constantly deal with identities. It’s important to verify identity at the application’s front door through authentication. Several mature and sophisticated techniques and standards for user authentication, such as OpenID Connect (OIDC) and Security Assertion Markup Language (SAML), allow a trusted identity provider (IDP) to securely authenticate the user before allowing access to an application. However, front door authentication is not the only context in which identities must be verified. Consider the following scenarios:...

Read more

Step-up Authentication with Okta Workforce Identity Cloud Step-up authentication in an application is a pattern of allowing access to non-critical resources using basic level of authentication, and requiring additional authentications for critical resources. This has the effect of providing a balance between frictionless user experience and security in an application. There are several methodologies to provide the functionality as discussed here. In this article we will explore few ways Okta Workforce Identity Cloud (WIC) can...

Read more

Step-up authentication in an application is a pattern of allowing access to non-critical resources using basic level of authentication, and requiring additional authentications for critical resources. In this article, we will explore the whys and hows of step-up authentication in modern applications that include Single Page Applications (SPA) and native mobile applications. Federation protocols such as OpenID Connect (OIDC) are getting increasingly popular for modern applications to enhance security by trusting an appropriate identity provider. Here we will focus primarily...

Read more