Managed stateless sessions

To enable session management that is independent from http-accelerator layers and from caching user sessions and use data, the miaa TokenIssuer provides ID-tokens adopting the OpenID Connect conventions.

Using ID-Tokens avoids the need to maintain and store sessions server-side, neither on disk nor in memory. As such, the TokenIssuer enables ‘stateless’ sessions.

miaa TokenIssuer integrates with an Identity Management Platform that is OAuth-based and that allows external API access. It issues an ID Token or Access Token, if compatibility with OAuth is needed.

Please refer to Access to streaming video and Offline sessions for some use cases.

Externalised access control

In combination with the miaa PolicyChecker, the TokenIssuer will conditionally issue an ID Token. Only if the rules are complied with by the user, will he receive a fresh ID Token to access your digital services.

Externalising the control of access allows you to implement enforcement logic in a secure and scalable way. This ensures all your platforms are protected by the same mechanism without using the traditional bottleneck of a reverse proxy.

miaa TokenIssuer is a component of miaa PolicyGate.