If you have multiple sites and applications in your company, probably you need to provide seamless authentication to all of them. So when user logged in at one of your sites once, he does not need to enter his credentials on other sites. So, OpenAM can help you to solve all this issues. Key features of OpenAM are:
-
Authentication - OpenAM ships with more than 20 authentication modules, which you can use to customize your authentication process. Also, you can customize sequence of authentication modules, to provide multi-factor or adaptive authentication.
-
Authorization - OpenAM can also manage authorization, so you can restrict access to desired resources according to different authorization policies.
-
Identity Provider - OpenAM can act as an Identity Provider, using SAML, OAuth 2.0 or OpenID Connect 1. So, your clients can develop their own applications or websites and authenticate via OpenAM like they authenticate via Facebook or Google.
-
Single Sign On - after single authentication, user gets access to all resources protected by OpenAM. So, there is no need to authenticate at other services.
-
High Performance and Clusterization - To enable high availability for large-scale and mission-critical deployments, OpenAM provides both system failover and session failover. These two key features help to ensure that no single point of failure exists in the deployment, and that the OpenAM service is always available to end-users. Redundant OpenAM servers, policy agents, and load balancers prevent a single point of failure. Session failover ensures the user’s session continues uninterrupted, and no user data is lost.
-
Extensibility - OpenAM allows to extend just any functionality, from authentication modules to user data source. Besides, it supports UI customization to create separate end-user pages with personal branding.
-
Developer SDK - OpenAM ships with Java SDK, which allows to interact with authorization API, authentication API, manage accounts and so on…
-
Security - As OpenAM is open source, it allows community and clients test it for possible vulnerabilities, and do PEN tests.