You are here

HomeResearch topicsSecurityFiles & ResourcesIdentity Management Framework

Identity Management Framework

What You Get

The Identity (ID) Management Framework is based on the OpenID protocol. Using this framework, you can provide sign-up and sign-in functionalities on your website easily and securely.

Watch this short demo video to see what it does.

The ID Management Framework has two main components:

  • An API that allows you to easily provide secure registration and authentication functionalities to your website. You can request user information such as full name, email, phone or other attributes commonly requested on registration forms. You can also select which authentication method our ID Management Server should use for your users: username/password or GBA-based authentication*.
  • A Portal that allows your end-users to manage and control their accounts. Once a user is logged into the portal, he or she can securely access any OpenID-enabled website while controlling all the personal information that is shared with them.

In short, you select the identity attributes you wish to receive as well as the authentication method and our framework does the rest.

How it works

The API allows you to construct OpenID-enabled websites. In the most basic scenario, whenever a user logs into an enabled website, he/she is redirected to the ID Management Portal to be authenticated. Once the process is complete, the (now authenticated) user is redirected back to the website. As long as the user does not close the browser after this first authentication or logs out from the ID Management Framework, he/she can log in or register to any other enabled website without having to re-authenticate.

The framework functionalities are based on two main technologies: OpenID and Generic Bootstrapping Architecture (GBA). OpenID is a standardized protocol for identity management and single sign-on, and is nowadays widely adopted all over the Internet. The GBA standard is the upcoming technology for mutual authentication using Mobile Network Operators’ infrastructure, thus allowing mobile users to access secured services in a much easier manner, simply by using their cell phones*.


* For the GBA-based authentication, the ID Management Framework integrates with the MWSB API from Ericsson Labs to enable GBA (Generic Bootstrapping Architecture) authentication. The ID Management Framework implements software that partially simulates SIM Card functionalities, which we call GCE (GBA Credential Engine). See our documentation for details.