With SSQ signon, each party authorized to use your application is issued an access token
which carries their identity, and may also carry their current permissions. This minimizes
your app's authorization logic, as there is no need to store any session data. Access tokens
have a predefined lifetime, and can be revoked on demand. When not stored in cookies, token based authorization
eliminates severe security threats like CSRF, XSRF or clickjacking, and greatly reduces other threats like XSS.
Username & password authentication
With SSQ signon's password client type your application may swap a user identifier
(e.g. user name, e-mail address, pin code) and password pair for an access token with just
a few lines of code.
Limitless social media
SSQ signon has no limitations on the number or kind of social media
(or other third party) websites you want your user's to sign in with. The websites
don't need to run OAuth, and SSQ singon won't even need to store any of your application secrets.
Handling social media has never been simpler!
Non - human authentication
At SSQ signon we understand that with today's technology it won't be just humans using your application.
On the other hand, automatic devices such as batch jobs, data gatherers, agents, reporting services and other applications
do not require the special treatment designed for the human user. They will e.g. never forget their password,
won't mind logging in several times, and will usually have a constant set of permissions.
In such cases SSQ signon provides the client credentials client type which makes
configuring access for automatic devices as easy and straightforward as possible. You don't even need to store
records for them in your users database!
Single Sign On
Once SSQ signon is integrated with your users database, any number of client applications may
be easily configured to use this single set of users. SSQ signon also provides the special
authorization code client type and safe redirect mechanism to easily authorize several "slave" applications using
one "master" application. It is even possible to configure single sign on when
your "master" application uses a different authorization technology!
Being developers ourselves, we have put our best effort into
making our service "stupid simple" to use during your software's entire life cycle.
With our black-box solution and detailed getting started guide your development
team requires almost no prior knowledge of internet security to produce a super secure application.
Using all the features of our solution requires very little effort and minimum lines of code
with our example apps. SSQ singon even provides
a dummy users endpoint, so you don't have to use your production users database
during development and testing!
OAuth 2.0 made easy
SSQ signon builds on top of the super secure, state of the art OAuth 2.0 protocol, and provides
an easy to use black box solution that hides the protocols complicated internals away from the developer.
For OAuth 2.0 experts: SSQ signon implements all of the OAuth 2.0 specification, save the "implicit" grant type.
"authorization code", "password" and "client credential" grant types are provided by configuring the
respective client types. Additionally SSQ signon does not provide an authorization endpoint,
but instead makes it super easy to set up your own authorization endpoint using the provided safe redirect mechanism.
Platform & device independent
SSQ signon can be used with any technology, on any device where communication
with the internet is possible. Java, Python, Ruby, .net, Node.js, C++, PHP, Android, Windows,
Linux, iOS ... you name it, we've got it covered.
SSQ signon communicates with your users database through a simple http endpoint
and thus can be used with any database and any user/permission schema. A dummy users endpoint
is also provided, so you don't have to set the connection up right away. SSQ signon will never store
any readable information from your user records, save the information entered into the dummy users endpoint.
No cookies required
As cookie enabled websites are prone to severe cookie-specific security threats that
may be difficult to understand, handle and test, SSQ signon does not require