Main features of TeskaLabs Seacat Auth

Authentication

• Second-factor Authentication (2FA) / Multi-factor Authentication (MFA)
• Supported factors:
  • Password
  • Time-based One-Time Password (TOTP)
  • SMS code
  • FIDO2 / WebAuthn
    • YubiKey
    • Idem Key
    • Android phone
    • Apple TouchID / FaceID
    • Other authenticators / keys
  • Subnet (ROADMAP 🗺️)
  • Request header (X-Header)
• Machine-to-Machine Authentication
  • API keys (ROADMAP 🗺️)

Authorization

• Role-based access control (RBAC)
  • Roles
  • Resources
• Policies (ROADMAP 🗺️)
• Attribute-based access control (ABAC) (ROADMAP 🗺️)

Identity management

• Federation of user identities (aka credentials)
• Available identity providers:
  • LDAP and Microsoft Active Directory
  • Google
  • MongoDB
  • File (htpasswd)
  • In-memory dictionary
  • ElasticSearch
  • Custom identity provider (Python 3 class)

General

• Multitenancy including tenant management for other services and applications
• Session management
• Single-sign on
• OpenId Connect / OAuth2
• Authorization/authentication introspection backend for NGINX
• Authorization/authentication interceptor for 3rd party applications (aka “Batman”)
  • Kibana & ElasticSearch
  • Grafana
  • Docker registry / NGINX (ROADMAP 🗺️)
  • HTTP Basic Authentication
• Provisioning mode
• Structured logging over Syslog 5424
• Audit trail
• Telemetry
  • InfluxDB
  • Prometheus / OpenMetrics

User interface

• Web User Interface for users
  • Login
  • Registration of new users
  • Self-care portal
• Web User Interface for administrators