View Source


Whydah is a Identity Provider and Single Sign On enabler consisting of five main components with clearly defined responsibilities.

h3. *tl;dr*

// Execute a POST to authenticate my application
String appToken = Request.Post("")
.bodyForm(Form.form().add("applicationcredential", myAppCredential).build())

// Find appTokenID from applicationToken
String appTokenID = $(appToken).xpath("/applicationtoken/params/applicationtokenID[1]");

// Execute a POST to SecurityTokenService with userticket to get usertoken
String usertoken = Request.Post(""+appTokenID+"/get_usertoken_by_userticket/")
.bodyForm(Form.form().add("apptoken", appToken)
.add("userticket", userTicket).build())

// That's all you need to get a full user database, IAM/SSO, Facebook/OAUTH support ++
boolean hasEmployeeRoleInMyApp = $(usertoken).xpath("/usertoken/application[@ID="+myAppId+"]/role[@name=\"Employee\"");
(Example using Apache HTTP Components Fluent API and jOOX Fluent API)

*Whydah IAM integration int three simple steps*

h3. Getting Started

* [Whydah Product Sheet|]
* [Whydah Key Features]
* [Getting Started - using Whydah SSO/IAM for your application|Integrating with Whydah]
* [Integrating with Whydah]

h3. Key benefits
* Leverage IAM/SSO to reduse time&cost on custom solutions
* SSO and IAM the _agile way_
* Moderrn and flexible secure microservices architecture for high scalability and availability
* Transition from one userdatabase per system to the integrated identity of the cloud)
* _Least expensive way to better user experiences_
* system threat-level support built-in (read: DEFCON)
* Collaborative application authentication

h3. Some important [Whydah Key Features]
* User Authentication by 3rd party IdP's (LDAP, Facebook, NetIQ Access Manager, AD)
* High scaleability (millions of requests/user sessions/users)
* High Availability support. (2-100 cluster members)
* Support various complex QoS configurations
* User storage
* UserAdministration GUI
* Flexible role setup with users, applications, on behalf of or using agreement/contrect, roles, properties.
* Provide SSO and IAM for any application.

h3. Whydah modules
{children:page=Whydah Modules }

Whydah - *because you should never have to develop another user database ever again*

h3. Architectural overview


Note, [Defense in depth|] strategy.

If you want to learn more about Whydah, see documentation in this space or visit []

h6. Contributing
* [Getting Started - contributing to Whydah development|Contributing to Whydah - demo and test installation]