Curity is the single point of integration when it comes to identity. Let websites, mobile apps, APIs, Microservices and user repositories connect to Curity.
Curity enables true agility and reduced time to market when deploying new apps and services. By using standard integrations with the identity system, developers can focus on business value instead of security.
The Curity Identity Server is a complete, standards based, Identity Management System. Using OAuth 2.0, OpenID Connect, JSON Web Tokens and SCIM among others, it provides standards based integration with apps and APIs. Forget dependencies to propriatary integration packages and SDKs.
Curity makes the leading identity and security standards easy to use, customize and deploy
- Curity is more than an Identity Server, it is a full-fledged Identity Management System (IMS) covering all aspects of the Neo-Security IMS platform.
Authenticating users is way beyond login. The Authentication service is responsible for answering the question Who Are You? with as much detail as is needed by the requesting systems. The Authentication Service is an advanced authentication multiplexor that can be tuned to the precise need of the organization and its applications.
A Security Token Service (STS) is responsible for issuing tokens (tickets) describing the user's identity. Following standards such as OAuth 2.0 and OpenID Connect are only the minimum requirement. To become useful, the STS must provide flexibility far beyond the specifications.
Sometimes called Profile Service, this is the standardized way to manage users. The User Management Service provides a SCIM API that can create, read, update and delete users and their properties, either through a self-service portal or by a customer services representative application regardless of the user repository or database being used.
Centralizing identity management is not something to be taken lighly. Over time new standards will emerge that will need to be supported. Curity is built around standards which makes it suitable for integration with other systems and new standards. We like to think about it as scalability over time.
Logging in users is just part of the story. Finding attributes, linking accounts, managing password resets, single sign-on, issuing tokens etc. All of these parts are necessary when building modern applications. Each application may require different levels of trust, and may need different attributes about the user.
By letting a central system deal with the authentication and token issuance, the APIs can focus on functionality. Build integrations once and reuse in every project reducing development effort to core business only.
A world of libraries and communities exist when using open standards. In security it's is rarely a good idea to invent a protocol yourself. Curity is based on state of the art standards and aims at being the most compliant server in the world.
True scalability can only be achieved when each component does what it is meant to do. Neo-security design is about letting each system handle one task and one task only. Curity is built with this in mind. Each subsystem of the Curity Identity Server is standalone and only serves its specific purpose.
Meeting regulatory changes is not a small task. When Identity Management is centralized, life for the CISO becomes a bit easier. Curity is built to be ready when it matters. GDPR or PSD2 are not as intimidating when the architecture is built to support them.