This feature is deprecated and will be removed in IAM 8.0.
Airlock IAM supports the "Secure Mobile" solution of ti&m's Security Suite. It can be used to authenticate requests sent by mobile apps using the ti&m API for mobile applications.
Airlock IAM calls the ti&m Security Server in order to authenticate HTTP requests (typically REST calls) obtained from Airlock Gateway (WAF) via the one-shot interface.
Authentication flow
- 1.Mobile App Authentication: The mobile app authenticates itself using the ti&m API: it communicates directly with the ti&m Security Server (IAM is not involved). The process results in an access token in the app.
- 2.Request Authentication: The mobile app includes the access token in every HTTP request. Using the one-shot feature, the Airlock Gateway (WAF) sends the access token to IAM which checks it against the ti&m Security Server.
No Registration Self-Service Available
The mobile app needs to be registered ("enrolled") with the ti&m Security Server. This can be done through activation letters: they can be generated by the IAM Adminapp (please check the available rendering features).
Airlock IAM does not provide a user self-service for app registration.
Configuration in IAM
The Airlock IAM configuration handles different aspects of the ti&m Secure Mobile solution:
- ●Authentication of Requests: 17.6.2. ti&m secure mobile one-shot configuration
- ●Administration of Apps: 18.8. ti&m token management in the Adminapp