Use-cases
The following are examples of typical Ceptor use-cases:
Protecting web-based applications
Ceptor provides Authentication of end-users, customers and/or employees and protects access to applications using MultiFactor Authentication.
Authentication options include:
- FIDO Tokens
- TOTP Software Tokens (such as Google Authenticator or MS Authenticator) with registration flow supported
- HOTP Tokens
- SMS OTP codes
- Email OTP
Authentication options are flexible and custom types can added with little effort.
Ceptor supports OpenID Connect and SAML Federation acting both as Identity Provider and Service Provider - this allows you to use e.g. social logins to authentication customers where only weak authentication is required, but switch to more secure methods depending on individual applications needs.
Providing Single Sign On (SSO)
Ceptor provides Single Sign On (SSO) to all your applications - it can do credential exchange, e.g. authenticate end-user using multifactor authentication and then authenticate to the backend applications on behalf of the user using the authentication method they are used to handle - examples could be:
- Basic Authentication
- Client certificates
- Kerberos/SPNEGO/Windows Integrated Integration
- Custom (HTTP headers)
- LTPA Tokens
- Form login
- SAML
- OpenID Connect
The authentication method presented to the end-user does not need to match the one used towards the application servers.
As new authentication methods are added, applications behind Ceptor need not to know or be modified.
Once user signs in he is authenticated to all authorized applications and once he signs out, he is signed out of all.
Application cookies can be intercepted by Ceptor Gateway and stored in the users session, hidden from the browser.
Providing MultiFactor Authentication for VPN
Ceptor Radius provides MFA for VPN or other Radius clients such as RACF MFA.
Ceptor allows end-user to choose between user-specific available MFA methods, allowing use of multiple 2nd factor authentication alternatives.
Some of the type of tokens and authentication we have been helping customers to perform are:
- Yubikey
- Gamalto Hardware Tokens
- TOTP Software tokens
- HOTP Tokens
- Azure MFA Push message verification
The end-user gets to choose between his available methods using the Radius Challenge-Response mechanism, where user is asked to enter OTP code for default token, but gets the option of choosing to use another, e.g. sending an SMS/OTP PIN if his regular physical token is unavailable or damaged.
The capability of allowing end-user flexibility cuts down on support cost and enables users to quickly switch to backup options if primary tokens are not functional.
Cloud Native
Ceptor Microgateway container can protect a single (or multiple) containers containing applications or APIs
All of Ceptors many authentication options are available as well as Identity Federation such as OpenID Connect, Micro Gateways to either authenticate end-users themselves, or to use central Ceptor (or other) authentication services.
API Management
Ceptor API Management supports the pillars of API Management
API Repository
Provide one place to manage, discover and govern your APIsAPI Authoring
Design, create, describe and document your APIs
Create mocks and tests to your customers, allowing them to provide feedback during development process and creation of new APIs.API Governance and lifecycle
Provide APIs in different environments, e.g. sandbox for testing, prerelease environments and production with different implementations, mocks etc. Manage different versions, deprecate older versions.Developer Experience
Provide API discovery, subscriptions, access to API descriptions and documentation and allow developers to try out APIs using a Developer Portal.API Security
Secure access to APIs, authenticate partners / developers using different methods and authorize their access to individual APIs or operations.Rate Limiting / Throttling
Put limits on API calls, provide different subscription levels, SLAs etc.
Allows hard limits (denying requests when limits are exceeded) and throttling, slowing down rate of consumption.Analytics
Provide insight into who is using APIs, how they are used, how often - provides valuable insight into business and operations level information.API Monetization
Charge for API usage, revenue-share with partners and track billing.
© Ceptor ApS. All Rights Reserved.