0

I am trying to research a project on how to connect to multiple enterprise environments that employ multi-factor authentication using a singular approach. My question is, are there any systems out there that can provide a single MFA interface that implements multiple back end MFA systems. For instance we have companies that we work with that employ RSA, Google Auth, and some variety of smaller players.

Can this be done and if so what tools exist out there that can help accomplish this?

spinon
  • 101
  • 2
  • What you’re looking for is single sign on it sounds like. This can be accomplished by a trust between federated identities. But, this would require all the authentication providers to agree to trust each other. – Appleoddity Feb 07 '18 at 20:29
  • I think the issue is that each of the entities involved in this relationship are proprietary. So our business provides services to multiple entities unrelated to each other. We are trying to see if there is a way to create a universal bridge between each of these unique MFA environments without asking the client to make any changes to their environment. – spinon Feb 07 '18 at 22:00
  • If the purpose is to avoid multiple MFA prompts, similar to single sign on, then it would not be possible. One identity provider would have to trust the tokens from the other. – Appleoddity Feb 07 '18 at 22:02
  • Yeah that is exactly what I was thinking about. I have read somewhere that there can be times where if a client is using an RSA solution we could internally set up our own RSA server and have their server trust our server. Then instead of using their tokens we could use our own. If we had multiple clients with an RSA solution in theory I would think we could sync our server with multiple RSA instances but I am not sure if that is true or not. Also that only solves for my RSA solution. – spinon Feb 07 '18 at 22:40

0 Answers0