What is new

Reduce Safewhere Identify’s start-up time

Safewhere Identify is a big product with huge amount of features which also means that it has plenty of things to do during start up time. However, in reality our customers love not only features but also request for speed. […]

Microsoft Office 365 integration

Safewhere Identify is fully qualified to work with Microsoft Office 365 from version 5.1++. Please refer this documentation: here

HTTP Security Headers

Introduction Safewhere Identify now has support for a set of HTTP response security headers that per OWASP: “your application can use to increase the security of your application. Once set, these HTTP response headers can restrict modern browsers from running into easily preventable vulnerabilities.” […]

Safewhere UserMigrator – Identify – AzureAD

Introduction The User Migrator Identify – Azure AD application is an application that makes the export and import of users from Identify user store to Azure AD easier. The User Migrator is meant as an administrator tool – and should […]

Breach notification: export Identify data

Introduction  When a data breach happens, we need to notify all affected users about the breach. The approach is that we can write a script to extract email addresses from Identify database to a CSV data file by using the […]

Safewhere Identify data encryption

Data encryption  Safewhere Identify stores its main data in either Azure SQL or SQL Server databases and this document will show you how to do encryption for its data.  There are usually two main layers of encryption: encryption at the database level (also called encryption at rest) and encryption at the application […]

OAuth 2.0 samples

New samples  AspnetWebMvc   This is a web application using ASP.NET MVC framework. In this sample, it shows how to execute OAuth 2.0 requests using code flow, implicit flow and hybrid flow.   Link: https://github.com/Safewhere/OIDC/blob/master/src/CSharp/AspnetWebMvc   NancyOwinClient  This is a web application using Nancy framework. […]

Enhancements and bug fixes – version 5.5

Enhanced verification URI on device-pairing flow  There are two enhancements on device-pairing flow of Identify version 5.5.   It supports “verification_uri_complete” on device authorization response which is designed for non-textual transmission.   If user_code exists in verification url, fills it into the user code textbox with a message “please confirm that the code […]

Support more options for parameter “prompt” on authorization request

According to OpenId Connect Core specification, authentication request could optionally support prompt parameter for some specific login flows. This parameter specifies whether the Identify OAuth 2.0 server prompts the End-User for re-authentication.  On version 5.4, there are 2 options (‘login’ and ‘none’) supported. From version 5.5, we added […]

Hybrid flow

Hybrid flow is another new OAuth 2.0 feature for which Identify has support from version 5.5. The specification is at https://openid.net/specs/openid-connect-core-1_0.html#HybridFlowAuth.   In short, this flow is a combination of the code flow and the implicit flow. It allows the user-agent to retrieve an identity token immediately […]