The following document illustrates how the Keyless Workforce product can be integrated in any IAM to enable biometric authentication. This feature is comprised of mainly three components:
Keyless Middleware
Keyless Authenticator App
Keyless OIDC/SAML2 Connectors
In some cases, a direct integration can also be carried out using the middleware REST API.
The Keyless middleware serves the purpose of binding Keyless identities to the your IAM users. It is also responsible for sending push notifications to the authenticator app
In order to authenticate with Keyless, a user must first enroll his biometric template. To do so, Keyless provides an enrollment service, which must be protected by the customer IAM for security purposes.
Once a user has enrolled successfully, Keyless can be used as an Identity Provider for the customer IAM and therefore as a means of authentication for the final user.
To start integration, select your identity provider from the list below
Learn about the architecture of the integration based on your preferred federation standards.
Click here to get your credentials from our delivery team.
Integration with IAM systems typically done over SAML or OIDC federation.
On-premise and VPN integrations typically leverage the RADIUS protocol.
In this use case, Keyless authentication is connected with a RADIUS server.
Keyless RADIUS Connector must be deployed in the customer infrastructure and it must be able to talk with the VPN server
Below picture shows a logical representation of this scenario with all the services that will be involved from a Keyless and a customer perspective:
To start integration, select your VPN provider from the list below