ConnectID Security Profile Basics
Get familiar with the ConnectID Security Profile: what it is and why it is important. Learn when it should be used and when you have to comply with its rules.
ConnectID Overview
ConnectID serves as a comprehensive digital identity platform, simplifying the complex process of identity verification. ConnectID allows individuals to securely store and manage their personal information, ensuring that their identity remains protected while granting them control over its usage. The platform employs cutting-edge encryption and data protection measures, ensuring that sensitive information is safeguarded from unauthorized access.
One of the key benefits of ConnectID is its ability to streamline online transactions. By leveraging ConnectID's services, businesses can verify the identity of their customers quickly and reliably, reducing the risks associated with fraud and identity theft. The platform integrates seamlessly with various online services, eliminating the need for repetitive identity checks and enhancing the overall user experience.
ConnectID is based on the latest FAPI 2.0 profile for protecting APIs that expose highly sensitive data. For more information, be sure to take a look at our more in-depth blog about FAPI 2.0.
ConnectID Requirements for Authorization Servers
ConnectID requires authorization servers to:
Use only the authorization code flow grant type.
Optionally, use certificate-bound access tokens as an additional security layer. To learn more about such tokens, see the OAuth 2.0 Mutual-TLS Client Authentication and Certificate-Bound Access Tokens documentation.
Support JWT Secured Authorization Response Mode for OAuth 2.0 (JARM) if requested, causing all response parameters defined for a given response type to be conveyed in a JWT. To achieve further security hardening, you can encrypt the JWT.
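The checks a client applies to a signed (unencrypted) JARM response before it uses the authorization code, shown as an added example that is not SecureAuth's or ConnectID's own code. The ES256 algorithm, the issuer, client ID and state values, and the signJarm helper standing in for the authorization server are assumptions made for the illustration.

```javascript
const crypto = require('node:crypto');

const b64u = (v) => Buffer.from(v).toString('base64url');
const decode = (seg) => JSON.parse(Buffer.from(seg, 'base64url').toString('utf8'));

// Constructed stand-in for the authorization server: signs response claims with ES256.
function signJarm(claims, privateKey) {
  const input = `${b64u(JSON.stringify({ alg: 'ES256', typ: 'JWT' }))}.${b64u(JSON.stringify(claims))}`;
  const sig = crypto.sign('sha256', Buffer.from(input), { key: privateKey, dsaEncoding: 'ieee-p1363' });
  return `${input}.${b64u(sig)}`;
}

// Client side: validate the `response` JWT and return the authorization code, or throw.
function validateJarm(jwt, { publicKey, issuer, clientId, expectedState }) {
  const parts = jwt.split('.');
  if (parts.length !== 3) throw new Error('not a compact JWS');
  const [h, p, s] = parts;
  if (decode(h).alg !== 'ES256') throw new Error('unexpected alg'); // pin the algorithm; rejects "none"
  const ok = crypto.verify('sha256', Buffer.from(`${h}.${p}`),
    { key: publicKey, dsaEncoding: 'ieee-p1363' }, Buffer.from(s, 'base64url'));
  if (!ok) throw new Error('bad signature');
  const c = decode(p);
  if (c.iss !== issuer) throw new Error('wrong issuer');            // response came from the expected server
  if (![].concat(c.aud).includes(clientId)) throw new Error('wrong audience'); // and was issued to this client
  if (typeof c.exp !== 'number' || c.exp <= Date.now() / 1000) throw new Error('expired');
  if (c.state !== expectedState) throw new Error('state mismatch'); // assumes the client sent a state value
  if (c.error) throw new Error(`authorization error: ${c.error}`);
  if (typeof c.code !== 'string') throw new Error('missing code');
  return c.code;
}

// Constructed sample values (assumptions for this example only).
const { publicKey, privateKey } = crypto.generateKeyPairSync('ec', { namedCurve: 'P-256' });
const expected = { publicKey, issuer: 'https://as.example.com', clientId: 'client-123', expectedState: 'st-8f2c' };
const goodClaims = { iss: expected.issuer, aud: expected.clientId, code: 'code-abc', state: 'st-8f2c',
  exp: Math.floor(Date.now() / 1000) + 60 };

// True when validation throws for the given JWT.
function rejects(jwt) {
  try { validateJarm(jwt, expected); return false; } catch { return true; }
}

console.log(validateJarm(signJarm(goodClaims, privateKey), expected));
```

An encrypted JARM response would need to be decrypted first; the same checks then apply to the inner signed JWT.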
SecureAuth is a certified early adopter of the ConnectID implementer's draft.
SecureAuth allows third parties to participate in the ConnectID ecosystem by providing the crucial consent piece of the ecosystem.
SecureAuth's authorization servers (workspaces) can be configured to be fully compliant with ConnectID's guidelines for authorization servers. Additionally, while creating a workspace you can choose the already compliant ConnectID workspace profile.