An identity server enables an organization to provide secure access to data for its users. A centralized identity server is an essential piece of a common security platform for all applications and APIs. It is especially useful to support different login methods and flows, a variety of databases and repositories, and when developing a mix of clients and technologies in the front-end and back-end, for APIs and microservices. With a centralized identity server you can manage of all that in one place.
The most straightforward way is to use our pre-built Docker images from Docker Hub. With a single command the server is then downloaded and started. The "Basic Setup Wizard" in the admin UI will guide you through an initial configuration, and you can fetch your trial key directly from the developer portal. Within minutes you'll be ready to authenticate users and create OAuth access tokens!
Whilst an API management platform is useful for managing the lifecycle of an API, the Curity Identity Server offers API-driven identity and access management. This is essential to effectively secure APIs and digital services, making it a great complement to your API platform. The Curity Identity Server provides prebuilt integrations to the most common API management solutions on the market and empowers API gateways and developer portals to be used at their full potential. Including the Curity server in your API platform allow you to address shortcomings and introduce new capabilities, e.g., scope explosion, claims-based authorization, privacy-preserving access tokens, consent management, adaptive authentication and much more.
For sure. Sign up on developer.curity.io using only your name and email. Click on "License" to create your personal 15-days free trial.
The Curity Identity Server often replaces old, legacy solutions that were not built for API-driven, DevOps-oriented deployments or automated processes. Many identity solutions were designed in the early 2000s and not capable of addressing the challenges of the 2020s. Curity's technology it built for OAuth-based environments and configuration-as-code. Everything in the Curity Identity Server can be automated with a standard-based admin API that is transaction-based, version-controlled with audit trails, supports rollbacks across an entire cluster, and complimented by a fully scriptable CLI, Helm charts and Cloudformation templates available on Github.
Definitely. When utilizing the same technology and architecture for internal or external use cases (but not necessarily using the same instance), it's easy to build common services and APIs, that all share the same source of truth. A license of the Curity Identity Server always includes unlimited number of users and has a straightforward model. There is no need to worry about costs growing out of control and having to make non-optimal design decisions based on commercial limitations.
One of the key architectural principles behind the Curity Identity Server is separation of concerns (i.e., the "UNIX philosophy" of having programs do one thing and do it well). Authenticating users (in the Authentication Service) and issuing tokens (in the Token Service) are separate problems and should therefore be treated separately. The Curity Identity Server supports any number of authentication services and token services in the same cluster, enabling multi-tenancy and the ability to create cloud services at a massive scale.
The Curity Identity Server comes as one product that's easy to manage. It’s made up of the three distinct services: Authentication, Token and User Management. You can have as many instances of the services as you like, with different end points for different type of services or purposes, enabling large-scale scenarios and use cases in a single deployment.
Either actually. The Curity Identity Server is provided as a Docker image, Linux or macOS application, and can easily be deployed on AWS, Azure, GCP or your own servers. A Curity cluster can span across cloud platforms, enabling a multi-cloud or cloud-agnostic strategy to meet the highest availability requirements while avoiding vendor lock-in. Read more about deployment here. Curity never accesses your customers' PII. Maintaining full control of your users' identities and security enables you to comply with internal business requirements as well as regulations such as GDPR and PSD2.
The Curity product comes with an SDK that allows you to build your own extensions. All plugins and customizations are "first-class citizens", making them available in all admin interfaces (the GUI, CLI, REST API and XML-files), exactly like the built-in ones. You can find a wide range of examples and starting points on our Github page.