Managed stateless sessions
To enable session management that is independent from http-accelerator layers and from caching user sessions and use data, the miaa TokenIssuer provides ID-tokens adopting the OpenID Connect conventions.
Using ID-Tokens avoids the need to maintain and store sessions server-side, neither on disk nor in memory. As such, the TokenIssuer enables ‘stateless’ sessions.
miaa TokenIssuer integrates with an Identity Management Platform that is OAuth-based and that allows external API access. It issues an ID Token or Access Token, if compatibility with OAuth is needed.
Please refer to Access to streamed content for some use cases.
Externalised access control
In combination with the miaa PolicyChecker, the TokenIssuer will conditionally issue an ID Token. Only if the rules are complied with by the user, will he receive a fresh ID Token to access your digital services.
Externalising the control of access allows you to implement enforcement logic in a secure and scalable way. This ensures all your platforms are protected by the same mechanism without using the traditional bottleneck of a reverse proxy.
The miaa TokenIssuer is designed, set-up and operated using our Taking care managed lifecycle.
During the Build phase, our integration services will:
- Coordinate with web developers, mobile developers, IT, the Identity Management Platform vendor and any third party platform vendor in scope
- Tailor the configuration settings and API endpoints