What is Identity Management and Access Management?
Identity management (IdM), also known as identity and access management (IAM or IdAM), is a framework of policies and technologies to ensure that the right users (in an enterprise) have the appropriate access to technology resources.
IdM addresses the need of business and other organisations to ensure appropriate restrictions on access to resources by different users.
What is Single Sign On (SSO)?
Single sign-on (SSO) is an authentication scheme that allows a user to log in with a single ID and password to any of several related, yet independent, software systems. True single sign-on allows the user to log in once and access services without re-entering authentication factors.
SSO solutions may typically use SAML protocol/standard for communication.
For more detail on Single Sign On (SSO) see our support pages at https://appcheck.zendesk.com/hc/en-us/articles/360017853438-Does-AppCheck-offer-SSO-Single-Sign-On-or-SAML-integration-for-authentication-
What is Federated Authentication?
Identity federation comprises one or more systems that share user access and allow users to log in based on authenticating against one of the systems participating in the federation. This trust between several systems is often known as "Circle of Trust"
Typically, a customer may have a central master identity repository/system known as an identity provider (such as OKTA), and use this to manage and control authorised logins to one or more service providers (such as AppCheck), which may exist in the cloud.
Does AppCheck support federated authentication or SSO?
At this time, AppCheck maintains its own propritary login and identity management system, and does not support integration with OTKA or other identity providers.
Integration with OTKA or any other identity provider is is not on AppCheck's development roadmap at this time. However please contact your account manager if federated authentication via an identity provider is a key requirement for your business.
Does AppCheck provide Role based Access Control (RBAC)?
Yes, AppCheck's identity and access management solution is based on Role based Access Control (RBAC) that allows fine-grained access to individual scans, scan settings, vulnerabilities, and other information within the platform.
How does AppCheck secure customer logins?
AppCheck uses password authentication as the primary authentication mechanism, however Multi-Factor Authentication (MFA) is also offered to customers to increase account security.