Your users complain about the multiplication of passwords ? Your administrators complain about having to manage continuing losses and a too complex rights management system ? Our Web SSO (Single Sign-On) solutions allow you to counter these problems while guaranteeing the respect of the users privacy.

Your group must be able to interconnect with the state administrative services or your partners services ? The identity federation protocols that we use enable the interconnection of the identity management systems of multiple groups.

The digital identity management comprises authentication, access control, digital trust, and identity data repositories management technologies. We master each of these and we provide related products and services. Our solutions are used in several large scale projects and enable the implementation of a complete identity management and federation system, whether for a company or an administration.

We also devote an important part of our efforts to research and development works.

To add SAML (or other protocols such as ID-FF, ID-WSF, CAS...) protocol support to your web applications, we offer a set of free products (under GPL license) and a complete set of services around these products to help you, if needed, for their deployment. The different blocks used to implement SAML support are:

• Lasso, library written in C.
• Mod_Mellon, an apache module.
• Mandaye, a SAML 2.0, OpenID and CAS reverse-proxy.
• Django Authsaml 2 module delivered with Authentic 2.

For the applications that you do not wish to modify, Mandaye or Mod_Mellon are the best solutions. Mandaye is configured as HTTP gateway in front of your applications and makes these compatible with SAML 2.0, CAS or OpenID. The second integration solution, more invasive and also more efficient, is the modification of your applications, either using our Lasso library, or using the Django authsaml2 module integrated to Authentic 2.

A unique authentication web system enables the minimization of the user interactions to identify when accessing multiple web applications. Authentication centralization enables the focus of authentication mechanisms securing efforts on a central server managing authentication.

We offer an authentication server, based on Lasso, called Authentic 2. It supports several unique authentication protocols (SAML 2.0, ID-FF 1.2, OpenID and CAS) and multiple standard authentication mechanisms: classic and unique use passwords (OATH and google-authenticator), by certificates (via SSL/TLS) and via a tiers SAML 2.0/OpenID unique authentication server (Authentic 2 can thus work as a SAML 2.0/OpenID from/to SAML 2.0/OpenID proxy).

We offer to the public an open identity provider "in the cloud" called Identity Hub. Everyone can sign up for a free account. The site has no advertisement.

Identity Hub allows you to use a personal SAML 2.0 or OpenID unique authentication server.

Identity Hub also enables the diffusion of identity attributes during authentication to facilitate the entry of personal information. However, each user is free to fill and to diffuse or not these attributes.

Identity Hub is a deployment of Authentic 2 added with explanatory texts and a theme. This platform shows the potential of Authentic 2. Identity Hub is regularly updated whenever new features are added to Authentic 2.

We provide a complete set of services (hosting, installation, deployment, training) and specific developmentsaround our applications, to offer any additional feature.

We also offer a first class support through yearly contracts or through a tickets system to guarantee the exploitation without any unavailability.

Entr'ouvert is at the core of a number of important projects on identity management. Entr'ouvert has participated in the launch of the Mon Service Public platform (by interconnecting the services of the Adeline project of the Caisse des Dépôts et Consignations). We have also developed a captive portal for the identity federation of higher education and research. We have also helped Cisco in the integration of the SAML 2.0 technology in its appliances as well as the Gendarmerie Nationale.

Entr'ouvert has participated in the ANR FederID and FUI FC² projects by providing its expertise. Entr'ouvert has also played a central role in the RoleID project, consult our R&D page to know more.