ti&m Secure Mobile authentication

This feature is deprecated and will be removed in IAM 8.0.

Airlock IAM supports the "Secure Mobile" solution of ti&m's Security Suite. It can be used to authenticate requests sent by mobile apps using the ti&m API for mobile applications.

Airlock IAM calls the ti&m Security Server in order to authenticate HTTP requests (typically REST calls) obtained from Airlock Gateway (WAF) via the one-shot interface.

1. Mobile App Authentication: The mobile app authenticates itself using the ti&m API: it communicates directly with the ti&m Security Server (IAM is not involved). The process results in an access token in the app.
2. Request Authentication: The mobile app includes the access token in every HTTP request. Using the one-shot feature, the Airlock Gateway (WAF) sends the access token to IAM which checks it against the ti&m Security Server.

No Registration Self-Service Available

The mobile app needs to be registered ("enrolled") with the ti&m Security Server. This can be done through activation letters: they can be generated by the IAM Adminapp (please check the available rendering features).

Airlock IAM does not provide a user self-service for app registration.

The Airlock IAM configuration handles different aspects of the ti&m Secure Mobile solution:

• Authentication of Requests: ti&m secure mobile one-shot configuration
• Administration of Apps: ti&m token management in the Adminapp