Developer Menu
Developer Menu
.
Mobile Biometric Auth for AWS Set Up
At the moment you can connect LoginTap as an OpenID SSO provider for all your apps run on AWS. Upcoming is SAML type authentication for corporate applications.
With the Logintap OIDC for Amazon Web Services, you will be able to easily add several different types of auth into your AWS applications. For example, you may authenticate users with their biometric faceID and fingerprint, or allow them to confirm identities using mobile instant messengers.
1. Steps to launch Logintap for AWS
1. Register with LoginTap & create a new Project in LoginTap
2. Set the project as OpenID connect provider, generate OpenID tokens, choose Auth method, as shown here.
3. Setup Identity Provider your Amazon Web Services account as shown in this document below.
Done!
2. Auth points
Depending on how your AWS-powered software is set up, you can choose to implement any of the following access types:
Https://yourapplication.com
2.1 No Login, No Pass
2.2 No Password
>
>
>
Https://yourwebsite.com
>
>
Https://yourapplication.com
Enter Login
Press for Mobile Auth
2.3 Second Factor Auth
Https://yourwebsite.com
>
>
Https://yourapplication.com
You Login
& Pass are Correct
& Pass are Correct
Waiting for your Mobile Confirmation
Waiting for your Mobile Confirmation
User is recognised via cookie (or alike), when opening the application. No logins/passwords, all is done through mobile 2FA. The same works for business process auth type cases.
Best for maximum convenience for your users.
Best for maximum convenience for your users.
User enters login only, presses the Login button, and the rest is done via mobile 2FA.
As a subcase - the user forgot a password, gets quick access with just the login.
As a subcase - the user forgot a password, gets quick access with just the login.
User first passes full standard auth with login and password, then the mobile 2FA auto starts.
Best for pure 2 factor auth with maximum security.
Best for pure 2 factor auth with maximum security.
4. Step-by-step AWS OICD Instruction
Login into your AWS account and press this link to open the IAM Management console.
1. Press Identity Providers marked as Step 1 in orange color ↓,
2. then Add Provider (Step 2 - a blue button on your right)
3. Select OpenID Connect - marked blue ↑ (IMAGE ON THE LEFT)
Then fill in OICD data from the Logintap account (IMAGE ON THE RIGHT), where:
4. "Provider URL", marked red ↑ in AWS = "Issuer" in Logintap
5. "Audience", marked green ↑ in AWS = "Application Id" in Logintap
6. Press "Get thumbprint", marked purple ↑ in AWS (= "API Token" in Logintap), if all above is done right, your screen will change to:
Then fill in OICD data from the Logintap account (IMAGE ON THE RIGHT), where:
4. "Provider URL", marked red ↑ in AWS = "Issuer" in Logintap
5. "Audience", marked green ↑ in AWS = "Application Id" in Logintap
6. Press "Get thumbprint", marked purple ↑ in AWS (= "API Token" in Logintap), if all above is done right, your screen will change to:
The area marked red ↑ in AWS will have a Thumbprint, which is AWS's way to call an API security token.
7. Copy this token into Logintap's project settings, the field called "API Token", which is the only editable field on Logintap OIDC page.
The AWS thumbprint can always be copied later on, if you press the Identity provider, marked red ↓:
7. Copy this token into Logintap's project settings, the field called "API Token", which is the only editable field on Logintap OIDC page.
The AWS thumbprint can always be copied later on, if you press the Identity provider, marked red ↓:
Now, all you need to do is to assign the newly added Identity provider a role in your AWS powered system. marked blue ↑.
Then, select Web Identity, marked blue ↓, and then choose the Logintap as the identity provider and your relevant "Audience" (which is just an application/project ID in Logintap and you can have as many such applications/projects as needed) marked red ↓.
Then, select Web Identity, marked blue ↓, and then choose the Logintap as the identity provider and your relevant "Audience" (which is just an application/project ID in Logintap and you can have as many such applications/projects as needed) marked red ↓.
That is it.
The rest of the setup depends on your needs. Please click for AWS own help docs - here.
The rest of the setup depends on your needs. Please click for AWS own help docs - here.
2020 - 2023 Logintap.com
All rights reserved
All rights reserved
Contact us
This Section Is Under Construction.
We plan to release it within a few weeks.
Leave us your email and we will inform you when this is done, or when other Logintap news are out.
Leave us your email and we will inform you when this is done, or when other Logintap news are out.
Please note, that by submitting your email you agree to our privacy rules, as described in the footer of this website.
Sign Up
Press to login into an existing account or recover your password.
By submitting this form you agree to legal Terms and Privacy rules. Links for these could be found in footer of this website.
By submitting this form you agree to legal Terms and Privacy rules. Links for these could be found in footer of this website.
We use cookies to personalize content and ads, to provide social media features and to analyse our traffic. We also share information about your use of our site with our social media, advertising and analytics partners who may combine it with other information that you've provided to them or that they've collected from your use of their services. You consent to our cookies if you continue to use our website.
OK
|
