Passwordless Identity Broker

We enable a smooth authentication process across multiple applications using a single set of login credentials, or simply put, your mobile phone serves as the key.

The device's keystore, typically secured in a hardware-protected environment, presents a significant challenge for unauthorized users seeking access to the private keys. This greatly diminishes the likelihood of key compromise.

Generating tokens on the device decentralizes authentication, reducing dependence on a single potential point of failure. In a centralized system, if the authentication server is compromised, all managed accounts are endangered. In contrast, with decentralized authentication, the impact of an attacker compromising a single device is contained to just that device.

By generating and storing keys directly on the device, we limit the transmission of sensitive data over the network, thus reducing the potential for data interception during transit. Without the need for a central authorization server, we further decrease the likelihood of account hacking attacks.

Users have greater agency over their own security. With the private keys stored on their personal devices, they aren't required to place their trust in a third party to maintain their information's security​.

Administrators have the ease of managing user provisioning and de-provisioning via their chosen Identity Provider (IdP). This guarantees a smooth user experience when accessing your application. We provide immediate, hassle-free connections with a variety of enterprise directories, including Okta, Auth0, Google Workspace, and Azure Active Directory.

Push notifications serve as an additional tool in the authentication process, lowering hurdles without compromising security. With CodeB Authenticator, the need for SMS or manual codes is eliminated. Authentication is achieved with a simple one-touch action.

Server Initiated authentication is a process where the authentication request is initiated by the server. By matching the user to their mobile phone, CodeB allows them to log-in to websites and applications quickly without the need to remember passwords and usernames. It's safe, secure and no personal information is shared without permission.

The integrated RFC 3161 Timenotary offers independent and irrefutable proof of time for transactions, documents, and digital signatures. It is also compliant to the "Cloud Signature Consortium" API.

Our Identity Broker allows you to write your code once and effortlessly integrate with any Identity Provider (IdP) or pre-configured connections, eliminating the need for constant modifications to your web applications. We enable a standardized login flow for a secure and consistent Single Sign-On (SSO) experience. Plus, with the use of custom domains, you can maintain your brand's presence throughout the login process.

The CodeB Identity Broker offers seamless integration with various 3rd Party Identity Providers, including Auth0, Nextcloud, Azure AD B2C, and numerous others.

We've set up several live demos for you to explore. For instance, you can create and use your own Nextcloud account without the need for a password. Additionally, we've developed a basic JavaScript demo to illustrate integration workflows with Auth0 and Wix. This script can also function as a standalone demonstration. If you need a specific demo please do not hesitate to contact us.

We provide several Identity Broker options that are free to use, but we also offer private hosted instances (SaaS) of the Identity Broker, or a software package that can be installed in your own data centers. Reach out to us to determine the solution that best fits your needs.