Cybersecurity is the talk of the day in much of Europe. As an example, in Finland there was a recent case in which a private psychotherapy centre’s database was hacked and a considerable amount of sensitive client information was stolen. After this, the attackers made attempts to extort money from the victims by threatening to release the information to the public.

Cases like this are caused by compromised customer credentials, weak authorisation, and poor access control implementations. Solutions that were valid a few years ago might not be up to today’s challenges. It can be difficult for companies to protect their valuable customer data, especially if you rely on in-house built IAM (Identity and Access Management) solutions that nobody updates periodically. Ubisecure’s Identity-as-a-Service (IDaaS) easy to use solution lets you rapidly embed strong, proven CIAM (Customer IAM) capabilities into your applications. It allows you to improve security while letting your developers concentrate on your core business. In this blog, I tell you how to try these capabilities for yourself, in a no-commitment IDaaS free trial.

 

What is Identity-as-a-Service?

IDaaS offers cloud deployment options of Ubisecure’s Identity Platform solution, including both identity management and access management tools. These are used to manage your company’s external identities, including your customers, partners, remote workers, subcontractors and other external stakeholders.

In short IDaaS is a CIAM system delivered as SaaS (Software-as-a-Service).

There are two main options for Ubisecure IDaaS deployment – private cloud and public cloud. The public cloud option is a single- or multi-tenant solution that offers core CIAM functionality and is fully deployed and operated by Ubisecure. The main focus of public cloud IDaaS is on the access management side, such as single sign-on (SSO), identity providers (IdPs) and multi-factor authentication (MFA).Private cloud IDaaS is a single-tenant solution that offers full IAM functionality – including more advanced identity management capabilities like Delegated Authority – and is deployed by the customer or a certified Ubisecure System Integrator partner. The platform is operated by Ubisecure. Ubisecure also provides on-premises and hybrid deployment solutions of its Identity Platform.

 

What is Ubisecure’s IDaaS free trial?

We offer everyone a chance to test a limited set of Ubisecure’s IDaaS capabilities for a 30 day trial period. You get free access to use the system during this trial period to give you a chance to ‘test drive’ the solution for yourself. The IDaaS free trial includes identity management and access management tools, and clear step lists to instruct you with each task. No previous experience of CIAM systems is required and you will learn how to do basic identity management tasks and how to register new applications with easy to use tools and graphical user interfaces. Find the registration link here on our website: www.ubisecure.com/free-idaas.  

 

How to use the IDaaS Free Trial

This free edition of Ubisecure IDaaS allows you to test some of the core capabilities of a CIAM solution. The trial includes user registration, identity management with self-service and administration user interfaces, and a trial console tool for application integrations using the OIDC (OpenID Connect) protocol. You don’t need to bring a test application for testing the integration; it’s provided to you as a part of the trial.

Next, we will take a look at the main use cases of the IDaaS free trial. In the example case below, Max Mustermann from Drive Tag Inc. registers an IDaaS trial account, operates both self-service and administration views of the identity management, and registers a test application with an IDaaS trial access management tool called Trial Console. 

Registering for the IDaaS free trial

The first step in the IDaaS trial is the main user registration. Max clicks the registration link found from the Ubisecure website. He then fills in the simple registration form, including a confirmation code sent to his email, and he becomes the main user of a new organisation. Then he can add and invite new users from his organisation to join the trial account.

Max Mustermann from Drive Tag Inc. registers an IDaaS free trial account. 

Max Mustermann from Drive Tag Inc. registers an IDaaS free trial account.

Identity Management self-service view

Once Max has sent the registration form, he will receive an account registration confirmation email with a link to the Identity Management self-service view.

Max receives a registration confirmation email with a link to the Identity Management self-service view.

Max receives a registration confirmation email with a link to the Identity Management self-service view.

Max clicks the link, which forwards him to the IDaaS free trial sign-in window. Here, he can choose from different options including Identity Management, Access Management, OpenID Connect Tester Tool, Trial Documentation and sending an email to discuss with Ubisecure experts. He can also reset his forgotten password, in which case he’ll receive a link to his email to proceed with the operation. Max signs in to the Identity Management self-service view.

Max signs into Identity Management

Max signs into Identity Management.

 In the self-service view, Max can view, add, modify and delete his identity attributes (in the trial version, only mobile phone number can be configured) and change his password. Also, he can view his role information which is used to define the level of access rights to different applications integrated to the Ubisecure Identity Platform. At a later phase, Max will integrate a test application using the Trial Console Access Management tool.

Max can view, add, modify and delete his identity attributes, change the password and manage his roles.

Max can view, add, modify and delete his identity attributes, change the password and manage his roles.

Administration view

Next, Max switches to the Administration view, which is only available to main (administrator) users. Normal users can access only the Identity Management self-service view. Here, Max can manually add new users to his organisation or send registration invitation emails to them. Max can also view, add, modify and delete other users’ identity attributes, reset their passwords and manage their roles.

Max deletes user 'John Doe' in the IDaaS trial Administration view.

Max deletes user ‘John Doe’ in the IDaaS trial Administration view.

Application Integration

One of the main use cases of the Ubisecure Identity Platform is application integration. For this, the IDaaS free trial has a special access management tool called Trial Console. This tool simplifies the integration work and helps new users to register applications to the Identity Platform.

When registering an application, you only need to enter the redirect URI of your application. Trial Console then generates client credentials for your application to use with the OpenID Connect authorisation code flow.

To quickly get started integrating with Java or .NET technology, we offer sample applications with the source code, available on Github:

For those who want to experience an OpenID Connect (OIDC) integration without coding we have a browser based tool, OpenID Connect Tester. This tools lets you view the OIDC flows and decoded claims within the ID token in detail.

In this example, Max Mustermann has clicked the Access Management link in the sign-in window (see picture 3) to open the Trial Console window. He then registers a test application to the Identity Platform. Open the IDaaS Trial Documentation section (see picture 3) to view clear steps on how to do the registration.

Max Mustermann uses the Trial Console to register the OpenID Connect test application to the Ubisecure Identity Platform.

Max Mustermann uses the Trial Console to register the OpenID Connect test application to the Ubisecure Identity Platform.

Max registers the OIDC Tester tool with the Trial Console tool. The Trial Console is an IdP (Identity Provider) and the OIDC Tester is a client.  

Max configures OpenID Connect Tester to be a client for the Trial Console (Identity Provider).

Max configures OpenID Connect Tester to be a client for the Trial Console (Identity Provider).

Once the OIDC Tester application has been registered, Max can use the tool to monitor the OIDC protocol flows. Generally speaking, these flows are used to exchange information between the user’s browser, the application the user wants to access and the Identity Platform. With the OIDC Tester, Max can view authorization-, token- and introspection requests. Also, he can view the ID token and decode it to see the claims inside the token. To get more information about the protocol flows, see my colleague Petteri Stenius’ blog article on “The differences between SAML, OAuth and OpenID Connect”.

Max can choose requests to monitor or decode an ID Token.

Max can choose requests to monitor or decode an ID Token.

Conclusion

IDaaS is the fastest way for you to introduce identity and access management capabilities into your web, mobile and desktop applications. According to Gartner, one of the leading research and advisory companies, by 2022 IDaaS will be the chosen delivery model for more than 80% of new access management purchases globally.

The easiest way to get familiar with IDaaS is to register for Ubisecure’s IDaaS free trial session and to start testing some of the core features of the solution. It is completely free and you can launch a test instance 24/7 from Ubisecure’s website.

Start now: Register for your Free IDaaS Trial