Posted by:
admin
11 years, 6 months ago
We're kicking off a series of posts discussing our API and how to use it to make your two-factor authentication roll-out hassle-free. Most of our customers use the API if only via some of the scripts we provide. For example, we provide a sample script that allows users to register their own software tokens after validating via their Active Directory credentials. But the API is capable of much more than that. It was developed over time based on feedback from a number of our Enterprise and SaaS customers. In particular, our SaaS customers needed secure multi-tenant user management tools that allowed them to push user control to their customer and that minimized costs.
You can't have a discussion about APIs without thinking about the various SaaS-based APIs out there. Obviously, you are hosting the WiKID server in your environment, either in the cloud or on-premise. Another difference is that we require an SSL client certificate. Most APIs require only a shared-secret in the form of a 'key'. That's not quite good enough for two-factor authentication. Client-side SSL certs can be difficult, but the WiKID server handles most of the complexity for you. The WiKID server will also handle the firewall for you. The WiKID server keeps these SSL connections open, so there is not much overhead in the SSL. The server is also quite reliable.
The API is XML based. Protocol documentation is here: http://www.wikidsystems.com/support/wikid-support-center/manual/wikid-network-client-wclient-api-manual. You can also always see the most recent implementation in the example.jsp file on the WiKID server. It is well-commented. You can also download various implementations here: http://www.wikidsystems.com/downloads/network-clients. We currently support java, python, ruby, PHP, and C#. These packages are all LGPL licensed, so you can easily add two-factor authentication to your code without any license concerns. If you need a different license, let us know. We released the java client under the Apache license for the Cloudstack project so they could embed WiKID two-factor authentication in Cloudstack.
In future posts, I'll discuss the transaction types and how you can use the API to reduce the costs of your two-factor authentication deployment.
Share on Twitter Share on FacebookRecent Posts
- Blast-RADIUS attack
- The latest WiKID version includes an SBOM
- WiKID 6 is released!
- Log4j CVE-2021-44228
- Questions about 2FA for AD admins
Archive
2024
2022
- December (1)
2021
2019
2018
2017
2016
2015
2014
- December (2)
- November (3)
- October (3)
- September (5)
- August (4)
- July (5)
- June (5)
- May (2)
- April (2)
- March (2)
- February (3)
- January (1)
2013
2012
- December (1)
- November (1)
- October (5)
- September (1)
- August (1)
- June (2)
- May (2)
- April (1)
- March (2)
- February (3)
- January (1)
2011
2010
- December (2)
- November (3)
- October (3)
- September (4)
- August (1)
- July (1)
- June (3)
- May (3)
- April (1)
- March (1)
- February (6)
- January (3)
2009
- December (4)
- November (1)
- October (3)
- September (3)
- August (2)
- July (5)
- June (6)
- May (8)
- April (7)
- March (6)
- February (4)
- January (427)
2008
- December (1)
Categories
- PCI-DSS (2)
- Two-factor authentication (3)
Tags
- wireless-cellular-mobile-devices (7)
- Two-factor authentication (10)
- Wireless, cellular, mobile devices (6)
- NPS (1)
- Phishing and Fraud (111)
- Active Directory (1)
- pam-radius (3)
- privileged access (2)
- Cloud Security (10)
- Mutual Authentication (60)
- Web Application Authentication (1)
- Authentication Attacks (99)
- pci (50)
- Security and Economics (97)
- WiKID (133)
- pam (2)
- VPN (1)
- Installation (2)
- RADIUS Server (1)
- Open Source (64)
- Tutorial (2)
- Strong Authentication (35)
- Information Security (137)
- Transaction Authentication (13)
- Miscellaneous (100)
- Linux (2)
- transaction-authentication (6)
- Two Factor Authentication (254)