TwoGenIdentity specializes in Identity and Access Management and open-source technologies.
We focus on solving Identity problems.
We provide IAM training and workshops to explain how to implement best practices and standards in the Identity Space.
We design IAM solutions for improving the user experience and the security of your Organization.
We offer services for building and customizing IAM platforms based on requirements.
Proven experience enhancing and optimizing IAM (Workforce) and CIAM (Customer) solutions.
We provide creative and innovative solutions in the Identity and Access Management Space to customers in Europe and America.
Technology IAM Matrix
We are experts in improving the user experience and the security due to the implementation of modern authentication and authorization mechanism like OpenID Connect (OIDC) and OAuth 2.0. Thanks to OIDC you will accelerate the sign-in / sign-up process, reduce frustration associated with maintaining multiple credentials, provide seamless access across different technologies and improve the security by reducing password security risks moving to passwordless authentication and two-factor authentication (MFA).
When transitioning from passwords to a passwordless experience, you may encounter challenges. However, nowadays, thanks to Passkeys, you have the possibility to offer login with Touch ID and Face ID to your users. Therefore, you have no excuses to say ‘Goodbye, Password’.
You can also improve the security in the API Architecture scenario protecting your microservices with OAuth 2.0. With step-up authentication, Web Applications or APIs that allow access to different types of resources can require users to authenticate with a stronger authentication mechanism to access sensitive resources. Here is an article with more information about this topic.
With the growing importance of zero-trust architecture which is based on the principle that nothing can be trusted, questions around the level of access granted have become critical. Furthermore, security and compliance are mandatory problems to tackle in any architecture, and authorization is a crucial part of any solution, bearing in mind that the 2021 top OWASP risk was a broken access control. And last but not least, you have to make authorization flexible, fast and scalable to address nowadays use cases.
Thanks to the implementation of Keycloak open-source Identity and Access Management platform integrated with OpenFGA, which is an open source solution for Fine-Grained Authorization that applies the concept of ReBAC (created by the Auth0 inspired by Zanzibar) you will address those problems. Here there is an article and workshop with more information about how to integrate those platforms.
A key piece of the decentralized identity equation is how people, organizations, and devices can be identified and located without centralized systems of identifiers (e.g. email addresses).
Microsoft released Entra Verified ID, as the newest member to join the Microsoft Entra portfolio. Customers rely on Azure AD to secure access to corporate resources. Microsoft is actively collaborating with members of the Decentralized Identity Foundation (DIF), the W3C Credentials Community Group, and the wider identity community.
We use IDs in our daily lives. We have drivers licenses that we use as evidence of our ability to operate a car. Universities issue diplomas that prove we attained a level of education. By using Verifiable Credentials to prove their details such as: name and address, salary, and the IBAN of an existing bank account, verification is instantaneous.
Verifiable Credentials offer a direct and secure channel between an organization and its stakeholders. A VC provides a mechanism to express credentials on the Web in a way that is cryptographically secure, privacy respecting, and machine verifiable.
In short, verifiable credentials are data objects consisting of claims made by the issuer attesting information about a subject. These claims are identified by schema and include the DID issuer and subject. The issuer’s DID creates a digital signature as proof that they attest to this information. DIDs are globally unique identifiers linked to Decentralized Public Key Infrastructure (DPKI). Microsoft uses ION (Identity Overlay Network) ION is a Layer 2 open to be able to resolve DID documents. ION is an open, public, permissionless Layer 2 Decentralized Identifier network that runs atop the Bitcoin blockchain.
Here is a workshop that demonstrates how to integrate Microsoft Entra Verified ID with an Identity Provider for issuing Verifiable Credentials based Identity tokens. Nevertheless, you can also integrate your Identity Provider with the demo.
We have experience in the following products
Please leave your message or comment and the problems that you want to solve. We will reach you as soon as possible.
Follow our social media to stay connected with us.
