Overview
Labshare Auth (LS-Auth)
is a login service and application toolkit for secure on-line collaboration. It provides identity and access management (IAM) services for applications with minimal overhead. The software facilitates integration of web applications with multiple identity services, enabling a “Bring Your Own Account” (BYOA) approach to user authentication. LS-Auth supports the most widely used standards for authentication and authorization and provides numerous additional features and services to secure applications.
Why Use LS-Auth?
- Securely manage access for users from multiple organizations.
- Facilitates integrating multiple applications with multiple login services using industry standard protocols.
- Valuable features out of the box for enhancing security and managing access.
- Flexible solution that supports the major standards and can be easily customized to meet special requirements.
Features
- Identity brokering – supports login via multiple identity providers with single sign-on to multiple applications with flexible authorization options.
- Federation protocols – supports the major federation protocols for identity providers and client applications; OpenID Connect, SAML 2.0, and WS-Federation.
- Multi-tenancy – allows separate groups to manage integrations independently on a common service.
- Identity Provider support – supports major enterprise and social login identities out of the box.
- Protocol translation – allows client applications to use a different protocol from the identity providers.
- Two-factor authentication – enforce stronger security by requiring two-factor authentication using the TOTP standard.
- Single sign-on (SSO) and Single Logout (SLO) – Allows users to switch between apps without having to log in again. Can also log users out of multiple applications with a single click.
- Access control – Manage roles and permissions for users and client apps. Supports OAuth standard authorization with JSON Web Tokens (JWT). Supports whitelist/blacklist and-script based authorization rules.
- Scriptable rules – Custom scripts can be used for advanced authorization rules.
- Customizable display – Customize images and text or entire UI.
- Authorization – Supports OAuth2 authorization claims (scopes).
- Access request workflow – Supports creating and managing workflows for user access requests, invitations and approvals.
- Messaging integration – Customizable email notifications.
- Logging and analytics – Built-in audit and event logs. Integration with enterprise log management systems (EFK, Splunk).
- Custom cloud service integrations – Custom integration options for popular cloud services such as Google, Jira, and Palantir.
- Command line interface (CLI) – [coming soon] scriptable commands for managing LS-Auth configuration.
- User Self-Service – [coming soon] Portal for user to view and update their own data.
Next Steps
Install locally LS-Auth and Admin UI servers.
Explore the LS-Auth documentation.
Explore the CLI documentation.
Learn how to create and update Tenants, Clients, Providers, etc.