Simple Secure Identity Management

Cloud IDaaS for Internet End Users, Applications and Devices

Configure End Users. Signed JWT tokens protect your request from origin to endpoint via the Verviam API Gateway. Configure end users and endpoint REST APIs. Credentials can be forwarded encrypted, unencrypted, or as a signed JWT token, using the account secret key. Endpoint services are authenticated at the Verviam API Gateway before being forwarded to destination URIs. See the Configuration Guide.
    - End users can be e.g. user ID, device ID, client ID, signed JWT.
    - Secrets can be e.g. Password, Client Secret, JWS Token with OpenID Scopes
    - Policy based tags provide access protected resources (ABAC).

A signed Verviam JWT (JSON Web Token) is issued for each endpoint, to be validated prior to request forwarding, secured by PKI rotated keypair.

Sign in to your account to register endpoints and end user credentials



Enter 6 digit PIN:   Enter password:    

All private data is field level encrypted in transit to and from your browser over the public internet.


     
Configure End Users. Signed JWT tokens protect your request from origin to endpoint via the Verviam API Gateway. Configure end users and endpoint REST APIs. Credentials can be forwarded encrypted, unencrypted, or as a signed JWT token, using the account secret key. Endpoint services are authenticated at the Verviam API Gateway before being forwarded to destination URIs. See the Configuration Guide.
    - End users can be e.g. user ID, device ID, client ID, signed JWT.
    - Secrets can be e.g. Password, Client Secret, JWS Token with OpenID Scopes
    - Policy based tags provide access protected resources (ABAC).

Verviam Download Logs as CSV


Configure Destination Endpoint:
Use only letters, numbers, hyphens, or underscores with no spaces for Endpoint Name
   Description :
Credentials Forwarding:
  JWT Token RS256 signed with account Private Key (verified with the Public Key). e.g. www.example.com/myApp?JWT=mysignedJWT
  Complete connection string including endpoint URI and credentials e.g.myexampleAPIGateway.com/myapp?query=myquery&secret=mysecret
  SecretID/secretValue and endpoint URI e.g. www.example.com/myApp?userID=encryptedID&password=encryptedPassword



Use the Secrets option for passing credentials in the form of an identifier e.g. UserID and Password, ClientID and Secret Value, TokenID and Token
Forward Endpoint: Verviam will forward an unencrypted request as e.g. www.example.com/myApp?userID=myID&password=myPassword. An encrypted request as e.g. www.example.com/myApp?userID=encryptedID&password=encryptedPassword. The encrypted parameters must be decrypted at the endpoint.
          

Use the Connection URI for the destination endpoint connection string. Add optional parameters to complete connection as appropriate
Verviam forwards an unencrypted request to an endpoint as e.g. https://www.example.com/connectionURI?query=myquerystring&userID=myuser&pwd=mypass.
Verviam forwards an encrypted request as e.g. https://www.example.com/connectionURI?params=myEncryptedOptionalParameters.
Encrypted parameters must be decrypted at the endpoint server. See Verviam User Guide
           OK X

   Token expiry (minutes) :     
Add JWS Token Payload (max 5 items). Override token default expiry time of one hour as required. Payload Items can be any custom scopes understood by your application, as well as OAuth 2.0 OpenID Connect required elements. Forward endpoint: Verviam will forward a signed JWT request as e.g. https://myServiceEndpointURI?JWT=JWTToken
Credentials Encryption Option:
  Forward my secretID/secret, connection parameters and endpoint tags encrypted with my secret Key, protected by my RSA public/private keypair.
  Forward unencrypted to my application/system. My network connection is secure, and does not require encrypted message content.
Identity Data Option:
  Store encrypted personal identity data for this End User/Endpoint

 
    
      
 
    
Endpoint Tags Option:
  Store tags with this End User/Endpoint

          OK X

Verviam

It is advisable to rotate keys regularly as a strong security measure. This operation cannot be undone!
You must copy all account REST APIs again as the encryption values of your services will be updated.
The new keys may require updated decryption configuration on your system, to decode your endpoint encrypted parameters.
See Verviam Configuration Guide for more information on how to use the keys

Keep keys in a safe place. They are only accessible from this page.

Update Rotation Status: Either schedule key rotation or rotate keys now:

Rotate Account Encryption Keys daily    Note: new JWT tokens are issued every 24 hours
Remove Existing Daily Keys Rotation    Note: JWT tokens will no longer be updated daily

Include encrypted Verviam ID to prevent token interception:

Authentication double check (authentication occurred in last 60 seconds)    Note: This enables a second network check to prevent token interception
Stop including authentication double check    Note: No additional authentication check

The RSA PublicPrivate Keypair: modulusLength: 2048,
publicKeyEncoding: {type: 'pkcs8', format: 'pem' },
privateKeyEncoding: {type: 'pkcs8', format: 'pem'}.

   

copy Copy Secret Key    
copy Copy Public Key    
copy Copy Private Key    


Verviam