Main features of TeskaLabs SeaCat Auth

Authentication

• Second-factor Authentication (2FA) / Multi-factor Authentication (MFA)
• Supported factors:
  • Password
  • Time-based One-Time Password (TOTP)
  • SMS code
  • FIDO2 / WebAuthn
  • YubiKey
  • Idem Key
  • Android phone
  • Apple TouchID / FaceID
  • Other authenticators / keys
  • Subnet (ROADMAP 🗺️)
  • Request header (X-Header)
• Machine-to-Machine Authentication
  • API keys (ROADMAP 🗺️)
• End-to-End encryption in login sessions

Authorization

• Role-based access control (RBAC)
  • Roles
  • Resources
• Policies (ROADMAP 🗺️)
• Attribute-based access control (ABAC) (ROADMAP 🗺️)

Identity management

• Federation of user identities (aka credentials)
• Available identity providers:
  • LDAP and Microsoft Active Directory
  • Google
  • MongoDB
  • File (htpasswd)
  • In-memory dictionary
  • ElasticSearch
  • MySQL
  • Custom identity provider (Python 3 class)

General

• Multitenancy including tenant management for other services and applications
• Session management
• Single-sign on
• OpenId Connect / OAuth2
• Authorization/authentication introspection backend for NGINX
• Authorization/authentication interceptor for 3rd party applications (aka "Batman")
• Kibana & ElasticSearch
• Grafana
• Docker registry / NGINX (ROADMAP 🗺️)
• HTTP Basic Authentication
• Provisioning mode
• Structured logging over Syslog 5424
• Audit trail
• Telemetry
• InfluxDB
• Prometheus / OpenMetrics

User interface

• Full localization / internationalization

Web User Interface for users

• Login
• Registration of new users
• Self-care portal

Web User Interface for administrators

• Credentials administrations
• Tenant management
• RBAC management
• Session management