Product Guide
Organization Administration

Kubeark Identity

3min

Kubeark IDP & SSO capabilities help customers manage their Kubeark users from within their company IDP. This allows organizations to manage user authentication and access across multiple applications and services.

An Identity Provider (IDP) is a critical component of the organization's authentication and authorization infrastructure, responsible for managing and providing digital identities for its users. IDP acts as a central authority for user authentication and access management, allowing users to authenticate with a single set of credentials across multiple applications and services. This provides secure and reliable authentication services by verifying user identities and granting access based on predefined policies and permissions. IDPs also enable organizations to integrate with other external services that support standard authentication protocols, such as SAML or OAuth, further enhancing security and usability.

Kubeark provides secure and reliable authentication services for its users and offers application developers and security engineers a dependable and secure solution for authentication in virtually any scenario. There are robust recovery actions available for the users and applications, including user profile and password management. You can quickly edit, deactivate, or even impersonate a user profile, and set a new password for new users or reset an existing password. Kubeark supports all of the major providers, such as OAuth2, SAML, LDAP, and SCIM, so that administrators can choose the protocol that they need for any given scenario.

Supported protocols

Kubeark supports a variety of authentication protocols, offering flexibility and integration options, through: SAML2, LDAP, OAuth2, OIDC

Federation Support

Kubeark provides support for multiple federation protocols, enabling users to authenticate and authorize access to applications and services securely. The platform supports a range of federation protocols, including SAML2, LDAP, OAuth1, OAuth2, and OIDC. These protocols provide a standardized and secure way for users to authenticate and access resources across different environments and applications. With support for these protocols, Kubeark offers flexibility and integration options, allowing users to use their preferred identity provider for authentication and access control.

Multi-Factor authentication

The platform provides support for multi-factor authentication (MFA), which adds an extra layer of security to user accounts by requiring additional authentication factors beyond just a username and password. This feature significantly reduces the risk of unauthorized access to applications and resources.

Kubeark also supports conditional access policies, which allow administrators to define specific conditions for accessing resources, such as location, device, and user group, among others. These policies ensure that only authorized users are allowed to access resources and help prevent unauthorized access attempts.

Additionally, Kubeark offers application proxy capabilities that enable secure remote access to applications and resources. This feature provides a secure gateway that acts as an intermediary between the client and server, allowing users to access their applications and resources from anywhere, while ensuring that traffic is securely encrypted and authenticated.