Integration with Akamai Identity Cloud
The OAuth2 standard recommends the use of the Authorization Code grant type for client applications requesting access tokens on behalf of a user. With this grant type, the user is redirected to authenticate themselves in an external system, such as the OneWelcome widget.
Note
Security and PII
-
The OneWelcome widget is run on PolicyGate's web server to ensure that it is the PolicyGate API that has control over its execution and security for the handling of user credentials. This effectively means that the client application will never see the credentials entered by the user.
-
The PolicyGate API is connected to your highly protected identity management system (such as Akamai Identity Cloud) and does not permanently store any PII or credentials.
Our widget, or user experience (UX), is fully customizable. By default, it covers all essential dialog boxes with which the user supplies their credentials, such as login, registration, and forgot-password flows. These user interaction flows are implemented by Embedded Javascript (EJS) templates that are hosted by the OneWelcome Identity Platform. However, the actual content in terms of HTML, CSS, and JS are fetched from your CDN and can be supplied and maintained by your team. It only requires your mobile app or your web server to build on a (public) OIDC library.
With the OneWelcome widget you can:
- use your own domain name,
- adopt your own styling, wording, and profile attributes,
- create application-specific branding based on client ID,
- adjust the existing user interaction flows to your needs, and
- add data validation.
