Griffin Group solved their authentication and privacy challenges with the Curity Identity Server

Griffin Group Global offers privacy and cyber security solutions for businesses and families. Through their suite of managed digital services and business operations management, they supply peace of mind and cyber security risk protection and mitigation. Their clients are often high net worth individuals and businesses catering to those individuals, such as hotel and hospitality services, who use a wide range of communication tools to conduct business but don’t have the expertise to secure each tool, thus creating potential vulnerabilities.


Griffin’s clients have an elevated need for security. Griffin’s products and services offer cyber security risk protection and mitigation while not getting in the way of their clients performing their business. Each client is different with a different infrastructure and business tooling, which present non-standard security challenges.

The company has an ambitious road map for their Gravity product, implementing solutions on a short timeline, with limited resources. Gravity is an API first business operations suite tailored to the Griffin clientele. With Gravity, Griffin needed an authentication solution that supports API first development, while providing the potential for multi-factor authentication, Microsoft Active Directory integration and OpenID Connect with OAuth 2.0 integration to handle the multitude of client infrastructures, all with minimum coding required by the Griffin team.


To address these challenges, Griffin utilized Curity’s technology to establish a microservices oriented architecture to secure systems and APIs. Which resulted in Griffin being able to:

  • Create an infrastructure for identity management
  • Implement standards-based integration with apps and APIs
  • Offer a configurable solution that allows customization of the customer experience
  • Implement the platform in a way that supports their clients’ high security requirements
  • Assure customer privacy and anonymity using standards-based techniques

“The certified NGINX plug-in made it fast and easy to implement the phantom token flow. This protected the APIs, while simultaneously ensuring that personally-identifiable information was maintained only within the trusted mesh of microservices.”

“We looked at different vendors but found many too difficult to work with or did not provide an on-premise solution. With Curity we had the trial server up and running in hours. We saw this as a good indication of what it would be like in the long term and eased any concerns we may have had around if the chosen tool would work.”


With the Curity Identity Server in place, Griffin has been able to solve their authentication and privacy challenges and they can now offer their clients ease of mind and the comfort of secure systems and APIs.

“With Curity’s help we now have a modern and secure architecture which helps us develop new services a lot faster. There are very few hurdles to get things up and running as Curity Identity Server takes care of it.”

“Most of our clients are smaller entities and don’t usually have a mature authentication environment, with Curity we can offer them this. The plan is to start using all aspects of the Curity Identity Server as our organization grows and obtains new clients.”

With Curity’s help we now have a modern and secure architecture which helps us develop new services a lot faster. There are very few hurdles to get things up and running as Curity Identity Server takes care of it.
Matt Jenks

Matt Jenks - CTO, CTIO at Griffin Group Global

Who else is using Curity?

Curity is currently being used by millions of users to provide secure access to data. Here are some examples of our valued customers
that utilize the Curity Identity Server for their digital services:

Com Hem
Collector Bank
Shell Energy
Region Östergotland
Volvo Cars