Authentication
LeZa provides an out-of-the-box implementation of the right authentication to support your projects.
LeZa is in itself an identity provider based on the implementation. It allows you to register users and keep their information safe. This information is easily accessible through our open .
LeZa seamlessly manages connections to other Identity Providers for your application and sits between your application and the Identity Provider that authenticates your users.
LeZa provides SSO or Social Sign-in which allows you to connect to Identity Providers like , , and many more with zero fuss.
An external identity provider is a service that creates and maintains identity information and then provides authentication services to your applications. Integrating with external identity providers can significantly reduce sign-in and registration friction, which allows your users to easily access applications without needing to create new passwords or remember usernames.
LeZa allows you to control access to your application using both the OAuth 2.0 and OpenID Connect specifications.
OpenID Connect (OIDC) is an authentication protocol that is an extension of OAuth 2.0. While OAuth 2.0 is only a framework for building authorization protocols and is mainly incomplete, OIDC is a full-fledged authentication and authorization protocol. OIDC also makes heavy use of the JSON Web Token (JWT) set of standards. These standards define an identity token JSON format and ways to digitally sign and encrypt that data in a compact and web-friendly way.
LeZa allows users to configure multi-factor authentication (MFA). Organisation admins are able to set MFA as a requirement for all users in the organisation. The multi-factor authentication methods that are provided are:
Using an authentication app like Google Authenticator
Using one or more phone numbers
Using your email address
What is Strong Customer Authentication?
Strong Customer Authentication (SCA) is a new European regulatory requirement to reduce fraud and make online services more secure. SCA requires authentication to use at least two of the following three elements:
Something the user knows (e.g. password or PIN)
Something the user has (e.g. hardware key or phone)
Something the user is (e.g. fingerprint or facial recognition)
have the flexibility to configure their own authentication policy requirements for the following items:
Whether MFA is required for users (forced) and which methods to allow
The token expiration time period for user registration and password reset
Password length and strength requirements
Maximum password lifetime
Permissible