Curity 5.0.0 has been released! Release notes
Today’s organizations offer a range of digital services to various types of users over different channels. With this comes a challenge to provide secure access to its data. Using the Curity Identity Server, organizations can secure their digital services, in configuration and not in code, this helps to avoid lengthy development projects and costly maintenance.
Centralized, secure and flexible authentication enabling SSO and MFA.
Explore Authentication ServiceLeverage OAuth and OpenID Connect with customizable tokens, scopes, claims and policies.
Explore Token ServiceSimplify access to your legacy data sources with the standardized SCIM API.
Explore User ManagementAuthenticate the user with branded flows on a per-client basis
Orchestrate the authentication flow with actions e.g. user prompting, password updates, and risk-policy enforcements
After successful login, customized tokens are issued per use-case using the built-in claims and scope framework
Let the API verify the token either directly or via a gateway using the phantom token flow
The Curity Identity Server was built with close attention to the architecture to ensure it addresses the identity structure of today, as well as prepared for the challenges of tomorrow. It is built on the design principle of separation of concerns, with each sub system serving only its specific purpose. And doing it really well. The effect of this is enhanced security, increased flexibility and true scalability.
Centralized user authentication for all your websites and apps
Unified authentication enables your server applications to access shared APIs.
Dynamic OAuth token generation that secure API access.
A standardized way to manage your users with one API.
The Authentication Service is an advanced authentication multiplexor that can be configured to meet any app or website’s needs. With 25+ ready-made methods and a workflow engine of actions running on login and SSO, the Curity Identity server allows you to authenticate users for API access without custom code.
The Token Service is the cornerstone for securing APIs. It is responsible for issuing tokens (tickets) with information about the caller for access control decisions. To really leverage on OAuth and OpenID Connect for distributed authorization, a flexible Token Service is a necessity.
The User Management Service offers a standardized way to manage users and simplifies access to legacy data sources. You can integrate with any user repository or database, allowing developers to work with JSON over REST, instead of SQL queries and LDAP operations.
Curity Identity Server comes with a carrier-grade configuration service, where transaction-based changes, rollbacks, backups can be made of your entire cluster with a single command. The cohesive configuration service provides an easy-to-use Web UI, scriptable Juniper-style CLI, standards-based RESTCONF API and XML config files, built for automation and massive scale.
The Curity Identity Server can be deployed in any environment and fits easily into your CI/CD pipelines with its multifaceted management capabilities. With ready-made Docker images and Kubernetes helm charts, a Curity cluster that auto-scales linearly without inter-node dependencies can be setup in hours.
docker run -it -e PASSWORD=<admin_user_password> -p 6749:6749 -p 8443:8443 curity/idsvr
helm repo add curity https://something.example.com && helm install curity/idsvr
Curity Identity Server supports a wide range of identity and security-related standards and has been certified to conform to OpenID Connect and implement a vast number of IETF RFCs. We believe industry standards are of vital importance. They help ensure a high level of security by being designed and vetted by security experts, avoids vendor lock-in, gives a less steep learning curve for new team members and simplifies regulatory compliance.
Curity Identity Server enables organizations to manage identities and secure API-based services in a multitude of scenarios
Manage large volumes of identities, different types of clients, APIs and microservices in a cloud native environment.
Safely expose high-worth data, delivered over financial grade APIs that comply with regulations such as PSD2.
Chain any number of authentication methods together to create a strong and user-friendly login experience to your digital services.
