Documentation Hub
Workforce
Workforce
  • Keyless Integrations Docs
  • ✅Prerequisites
  • IAM and SSO Integrations
    • Overview
    • Okta
      • Account Linking Config
      • Identity Provider Config
    • Microsoft AD FS
      • Prerequisites
      • Integration
      • Authentication
      • Troubleshooting
    • AWS Cognito
    • Auth0
    • ForgeRock
      • ForgeRock Authentication Node
      • Forgerock Identity Cloud
    • OneLogin
    • Ping Identity
      • PingOne SSO
    • Microsoft Entra ID
    • Salesforce
  • Post Integration
    • 🏁Post Integration
      • 📢Employee Onboarding
        • Prerequisites
        • Email Templates
      • 🎧Admin Onboarding
        • Common Terms
        • Enrollment and Activation
        • Authentication
        • Troubleshooting and Support
Powered by GitBook
On this page
  • The Keyless Middleware
  • Enrollment Flow
  • Authentication Flow
  • Identity Providers

Was this helpful?

  1. IAM and SSO Integrations

Overview

Last updated 1 month ago

Was this helpful?

Keyless can be integrated into any IAM solution to enable biometric authentication. Most implementations consist of three components:

  • Keyless Middleware

  • Keyless Authenticator App

  • Keyless OIDC/SAML2 Connectors

In some cases, a direct integration can also be carried out using the middleware REST API.

The Keyless Middleware

The Keyless middleware binds Keyless identities to your IAM users, and is responsible for sending push notifications to the authenticator app.

Enrollment Flow

To authenticate with Keyless, a user must first enroll their biometric template. To do so, Keyless provides an enrollment service, which must be protected by the customer IAM for security purposes.

Authentication Flow

Once a user has enrolled successfully, Keyless can be used as an Identity Provider for the customer IAM and therefore as a means of authentication.

Identity Providers

To start an OIDC/SAML integration, select your identity provider from the list below

Cover
Okta
Cover
Microsoft AD FS
Cover
AWS Cognito
Cover
Auth0
Cover
ForgeRock
Cover
OneLogin
Cover
Ping Identity
Cover
Salesforce
Cover
Microsoft Entra ID