IDombud from Fortified ID is designed for organizations that need a secure and trusted digital identity for their employees, partners and contractors. The solution is based on the same core principles as the European Digital Identity Wallet, where the user is in control of their identity and only shares necessary information. IDombud Your organization's own e-ID Issue, manage, revoke your own service ID e-ID for employees, partners, consultants, etc. Linked to role/function – not private person Share only what is needed, privacy-first Quickly issued with our own application service, on mobile, tablet and computer. IDombud from Fortified ID is designed for organizations that need a secure and trusted digital identity for their employees, partners and contractors. The solution is based on the same core principles as the European Digital Identity Wallet, where the user is in control of their identity and only shares necessary information. SUPPORT FOR: FIDO 2 PASSKEY SMARTPHONE TABLET COMPUTER Mobile is the hub for identity and verifiable credentials. In IDOmbud, the mobile phone is the natural place for the user's digital identity and verifiable data. There they are close at hand, ready to be used, displayed and shared when the right situation arises. The mobile phone is the natural place where the user has their digital identity and verifiable data close at hand. The user can start the application with a Passport, National ID card or via local person-to-person identification. The app makes it easy to carry and use identity and verifiable data in everyday life. It creates a more direct and user-friendly way to display, use and share the right data in the right situation. See the app on the Appstore Service identification for a modern and secure business In the public sector, identity is not only linked to the individual as a private person, but to the role in the service. A doctor, administrator or administrator acts by virtue of their assignment and needs to be able to identify themselves as a civil servant, not as a private person. IDombud from Fortified ID functions as a modern service identification. It is linked to the individual's function in the organization and can be integrated with existing directories and authorization systems. This makes it possible to ensure that the right person acts in the right role, in the right context. VC bearer: Smartphone ( iOS / Android) Mac / PC Passkey Book a demo Support different trusts in the same platform Different business systems require different levels of trust. Some internal systems can be managed with a lower level, while sensitive healthcare systems, decision support or administrative functions require a higher level. IDombud from Fortified ID can handle multiple trust levels within the same platform. This means that the organization can: • Use strong authentication in most business systems • Use the highest level of security for relevant systems This provides a flexible identity strategy that can be adapted to risk and regulatory requirements, without the need for parallel solutions. For organizations that relate to DIGG's guidelines and the eIDAS framework, a clear path forward is created. Secure identification on shared devices Strong identification per user Better traceability on shared devices More flexible service identification Shared computers and mobile devices are a common challenge in municipalities and regions. In healthcare, social care and schools, the same device is often used by several people during the same day. Then one question becomes particularly important: how do you know who is actually logged in right now? With IDombud from Fortified ID, each user can strongly authenticate themselves even on shared devices. The identity is tied to the individual and the current session. This reduces the risk of incorrect access, improves traceability and strengthens information security. Book a demo Secure and flexible login with physical passkeys IDombud can also support scenarios where users gain access to a smooth and secure login experience using passkeys on physical security keys. This enables organizations to bring strong authentication to more types of work environments, such as shared computers, protected environments, and businesses where flexibility is important. The result is a portable and phishing-resistant solution that is easy to carry, easy to implement, and works reliably in everyday life, regardless of environment (AD/Entra/M365/eg.) or device. Enables secure login even on shared or tightly controlled Windows computers, without the need for local storage or installation. Gives users a physical and simple authentication method that can always be carried with them. Reduces the risk of phishing and strengthens security without making login more complicated. Architecture IDombud as a service IDombud own operation As a service Control is shared between customer and user instead of centralizing everything with an external elD operator. IDombud eliminates the need for a central actor that sees all logins, reducing the risk of tracking and data leakage. Password-free and privacy-preserving authentication. Customer data stays with the customer. Not a central data silo. eIDAS design (EUID wallet, SD-JWT) The user has credentials and VC in their wallet. Own operation Control is shared between customer and user instead of centralizing everything with an external elD operator. Customer data stays with the customer. No central data silo. eIDAS design (EUID wallet, SD-JWT) The user has identification and VC in their wallet. Secure login for businesses With IDombud, organizations can provide partners, consultants, board members, etc. with a secure and reliable login method. IDombud from Fortified ID delivers an eID solution for secure login for companies. The organization can: Issue a digital identity to already known people Achieve a high level of trust when logging in Protect business-critical systems and documents Move trust between different form factors. (Smartphone / Passkey) Replace password-based login with a stronger method With IDombud, companies get a secure digital identity that meets European requirements for trust and interoperability. Book a meeting

Fortified ID Forms is an application for digitizing process flows. Examples can be creating users (e.g. employees, consultants, partners), editing users or listing "my users" or "my groups". With Forms you get access to a tool to create web-based flows to delegate the administration to the users responsible for certain information in a simple way. > Products > Control > Automate > Automate Fortified ID Automation provides the ability to extract data from one or more source systems, change or influence that data, and then update one or more target systems. An example application is extracting data from an HR system to identify newly registered users. These user objects can then be processed and automatically provisioned to target systems such as Active Directory, Google Workspace, or Microsoft Entra ID. Automate the management of identities and groups Automate group membership Send authentication requests to the Automate API Overview Use cases Get started HR and Personnel Systems Heroma: Integrated to retrieve personal and employment data from the HR system. SchoolSoft: Used to transfer student and staff data to the identity management system. IST: Mainly used in schools/preschools to fetch student and staff information for identity systems. NETSuite: Integrated to retrieve user and organizational data from the cloud-based ERP system. Directory Services & Identity Sources LDAP: Used to read and manage user data from directory services like Active Directory. LDIF: A standardized text format for importing/exporting directory information, often related to LDAP. OpenDJ: An open-source LDAP-compatible directory commonly used in identity management. Microsoft Entra: Used for managing identities and access within Microsoft’s cloud-based platform. Google: Enables synchronization with Google Workspace for account and group management. SCIM: A standard protocol for automatic provisioning of users between systems. Databases and Generic Data Sources SQL Server: Common integration for reading or writing data directly to a Microsoft SQL database. IBM DB2: Integration with this relational database allows for retrieving user data via SQL. ODBC/JDBC: Generic drivers to connect to various databases regardless of vendor. CSV: A simple file-based integration where user data is imported or exported in plain text format. ITSM and Ticketing Systems BMC Remedy: Integrated to automate ticket handling and create users from support workflows. ServiceNow: Used to automatically create accounts or retrieve user data through the ITSM platform. Web and API-Based Systems RESTGeneric: A flexible integration using REST APIs to communicate with external systems. Salesforce: Used to fetch or update user information in the CRM system. Joomla: Syncs user identities between a content management system and the IAM platform. Sometimes, company admins may want power users, team managers, or even external users to handle administrative tasks for a specific team or a subset of users within the organization. Granting full administrative permissions to these users isn’t the best practice or ideal approach—this is where the Delegated Administration feature comes in. Automate is a back-end service with a configuration UI for adding pipes that you choose whether they should execute on a schedule or via API calls. Automate does not have a UI for end users, if you are looking for such an application, Fortified ID Forms is the one to look at. A pipe consists of one or more valves where a valve is a configurable component for handling data. Mentioned below are source systems and target systems. See the Integration tab for which systems Automate can integrate with. See below for a number of use cases: Delegated Admins are users outside the main it administrators who are given limited administrative privileges to perform specific tasks within a particular area or department of an organization. This approach is common in large companies, as it allows other users to assist with certain activities while providing a degree of autonomy within their department. It also enhances flexibility and boosts efficiency, particularly when managing access within the prganisation. Platform Fortified ID Automate is available on multiple platforms. Windows, Linux, or Container (Docker) Amazon Web Services (AWS), Microsoft Azure, Google Cloud Platform (GCP) As a service through our partners. Contact us for more information. Contact us Contact us at info@fortifiedid.se or fill out our web form here: Contact us BankID eIDAS EFOS Certificate Skolfederation Sweden Connect Sweden Connect Sambi SITHS eID Passkey Authenticator OTP Sambi Freja Freja SITHS eID Passkey Authenticator OTP Sambi Sambi Popular Secure MFA Methods Our solutions are based on a module-based architecture, which enables a wide range of advantages for automation, monitoring and efficient management. We know these qualities are central abilities both for operations managers and DevOps. This makes it easier to have control over IT environments and, by extension, your digital identities with cost efficiency.

Fortified ID är en banbrytande plattform för modern & säker hantering av digitala identiteter. Byggd på zero trust-principer som stödjer moderna standarder som OAuth2, SAML och OpenID Connect gör integration med existerande system (Entra, AD, SQL, Google) smidig och framtidssäker. Fortified ID används i såväl privat som offentlig sektor för att säkra åtkomst till känslig information, delegerad administration. Plattformen är skalbar, platsformsagnostisk (moln/hybrid/on-prem) och anpassningsbar. Secure login and modern identity management for organizations Most read: IdP / MFA Forms Onbording Replace MIM Fortified ID develops modern products for secure login and identity management for organizations. Powerful Integrations Broad support for eID & MFA Swedish IAM expertise eID / VC IDombud Close IdP / MFA / SSO INTEGRITY Close IAM / IGA CONTROL Close Popular Integrations News What we do Fortified ID helps municipalities, authorities, regions and private companies with modern IAM. Protect your organization's applications, for employees, citizens, educational activities, e-services, healthcare personnel, etc. Centralize all authentication Delegated administration Smart user provisioning Modern dev ops infatructure See all your assets in one place Unique IAM-competence Authentication Password Reset Onboarding Key Features Native integration Solutions from Fortified ID natively integrates with userstores in the cloud and on-premise. IAM specialists Fortified ID has long experience in getting its customers to take control of their digital identities. Our team has unique knowledge of how authorities, regions, municipalities and private companies should integrate all their services and applications. In order to gain control over their digital identities, a close dialogue is needed between the operating organization and the supplier. We place great importance on understanding our customers' challenges and ensuring that our solutions make a difference. About us Use cases BankID (13) 13 posts Freja eID (10) 10 posts Entra ID (5) 5 posts IAM (5) 5 posts AD (5) 5 posts Google (4) 4 posts CIAM (4) 4 posts OIDC (4) 4 posts SAML (4) 4 posts MFA (4) 4 posts ADFS (3) 3 posts Delegation (3) 3 posts SITHS (3) 3 posts Authorization management (3) 3 posts Svenska pass (3) 3 posts DIGG (3) 3 posts Azure (3) 3 posts Password reset (3) 3 posts Microsoft Authenticator (3) 3 posts Google for Education (2) 2 posts ID-porten (2) 2 posts EAM (2) 2 posts Self-registration (2) 2 posts oath (2) 2 posts Provisioning (2) 2 posts External MFA (2) 2 posts OpenID Connect (2) 2 posts Foreign eID (2) 2 posts Delegated Administration (1) 1 post Gmail (1) 1 post Delegated password reset (1) 1 post Google Drive (1) 1 post Google Workspace (1) 1 post Google for Business (1) 1 post Authentication hub (1) 1 post Buypass (1) 1 post Digital wallet (1) 1 post HANA (1) 1 post Docker (1) 1 post IGA (1) 1 post IdP (1) 1 post Impersonation (1) 1 post EFOS (1) 1 post Issuer (1) 1 post LOA 2 (1) 1 post Commfides (1) 1 post EUDI (1) 1 post LOA 3 (1) 1 post LOA 4 (1) 1 post Entra (1) 1 post See all use cases Municipality... ...gives employees the ability to reset passwords with Bank ID. Read Use Cases Government... ...has solved Joiner-Mover-Leaver (JML) for all its users using solutions from Fortified ID. Read more about JML Energy company... ...allows its customers to securely authenticate to my pages with Bank ID and employees to choose between several different MFA methods. Läs Read Use Cases Finance company ... ...uses Fortified ID to allow its customers to connect securely with BankID. Read more about Integrity Healthcare... ...uses solutions from Fortified ID to solve SITHS as a secure login method against ADFS. Read Use Cases Some of our customer Some of our partners Get started with modern IAM 01 Download Describe your organisation and your IAM-challenge. 02 Demo Use this space to promote the business, its products or its services. 03 Roll out Together with our partners, we ensure that your solution is put into use.

Med Integrity från Fortified ID skapar vi nya möjligheter för din organisation att hantera alla typer av inloggning, behörighetsstyrning samt single sign-on. Strong authentication & authorization control With Integrity from Fortified ID, we create new capability for your organization to manage all types of login, authorization control and single sign-on. Good user-experience must include both authentication and authorization. Our idea is to achieve safe identities for organization while making it easy for their users and the administrators. Methods Architecture Single Sign-On Simplify login for your users with Single Sign-On (SSO) while maintaining secure access to applications and data. Fortified ID has extensive experience in integration of applications and services to a central point of entry. Integrations are made via SAML, OpenID Connect, Radius or via our own API. The solution also enables: ID mapping. A user is called jdoe in one application but john. doe@fortified.se in another, we handle that type of mapping with abilities in Integrity. Ticket translation. Your organization has end-user applications that support e.g. OpenID Connect at the same time you want to give them access with e.g. a SAML federation. Here a translation will have to take place between the technicians, we solve that with Integrity. Single Sign-On Application portal Portal is a web-based application that contains all the applications that have been assigned to you. The purpose is that you should not have to remember addresses for the various applications you use in your everyday life. For example, if you have newly hired employees or contractors, you can easily give them a place to go (Fortified ID Portal) to find all the applications assigned to them. Fortified ID Portal supports Single Sign-On (SSO) for the published apps. The advantage of SSO is that after logging into the Fortified ID Portal, the user is automatically logged into the application they click on. Support is also available to add extended login if an app requires higher security than Portal. Look and feel of the portal can be easily adapted to the organization's preferences regarding colors, logo and language. The solution is made to run on the web as well as on mobile devices. See Movie With Fortified ID Enrollment, you can easily provide strong authentication for your users. There are different ways to provide your users with strong authentication, such as Passkeys, YubiKeys, generate one-time passwords (OTP/MFA) with mobile app or certificate-based login. In order for a user to be able to receive strong authentication, their account must be mapped to one of the methods above. This is called enrollment or registration. With Fortified ID Enrollment, a user can do this easily on their own or designated users can do this for other users. For example. can a support technician prepare a mobile so that it both has the app (e.g. Microsoft Authenticator) installed but also linked to the user's account. Enrollment API gateway Fortified ID modernizes IAM for organizations by adding an API gateway. This creates conditions for supporting organizations in several scenarios. Integrity's API gateway can: act as a bridge for data exchange and data formatting, Cloud-to-cloud and cloud-to-native. e.g. enrichment of Custom Claims Provider in Azure act as backend support in a variety of applications, e.g. identity administration, outsourced configuration, self-registration, account sync, merge and enrich data from many different information sources. support ADFS MFA providers from Fortified ID. Can be run on-premise or in cloud (for example, for service delivery to multiple customers) Previously, Integrity from Fortified ID can solve strong authentication, single sign-on and an application portal. Of course, adapted for modern (DevOps) operation with option for container delivery, monitoring and traceability. IdP Broker / Proxy The number of Identity Providers (IdP's) continues to increase and there is a large variation in what types of use cases that these can implement. In addition to delivering a full-scale IdP, Fortified ID Integrity can act as a broker/proxy and thereby deliver functionality and meet requirements that existing solutions cannot meet for various reasons. Do you have an IdP that cannot be connected to a certain federation due to connection rules? Fortified ID Integrity is compatible with many federations such as Sweden Connect, Skolfederation, SAMBI, SWAMID, eIDAS. Fortified ID offers two options: You replace your existing IdP with Fortified ID Integrity that meets all connection requirements. You keep your existing IdP but let Fortified ID Integrity act as Proxy/Broker. which becomes an intermediary between your existing IdP and your federations, in a way that you can easily fulfill all connection requirements. The threat landscape is constantly changing, which places new types of demands on a modern authentication solution with streamlined and cost-effective administration. With this rapidly changing reality, software needs to be kept up-to-date with more frequency than in the past to ensure reliability. With automated installation and upgrading, the system can be kept up to date with minimal downtime. The solution can be installed locally, in the cloud or as a hybrid solution. The ability to easily move the solution between test and production environments has been made extremely easy. Read more about automation in our technical documentation. Möjligheten att enkelt flytta lösningen mellan test och produktionsmiljöer har gjorts extremt enkel. Läs mer om automation i vår tekniska dokumentation. Automation Tech spec Integrity is designed with architecture that uses modern ways to install and upgrade the product. This also creates new possibilities for monitoring and analyzing how all parts of the system performs. Read more in our technical documentation. Download PDF Authentication methods BankID EFOS SITHS eID Skolfederation Passkey Suomi.fi Freja OrgID SAML Broker NetID OTP Azure ID-porten Freja eID Plus X.509 Certificate SITHS SWAMID Google FIN eID smart card eIDAS Svenska pass Sambi Telia eID ADFS Common smart card Monitoring Fortified ID's solutions are designed to offer real-time monitoring of how system resources are performing. This can apply to everything from individual secure methods or connections to applications or databases. Real-time monitoring provides good overview and creates the foundation for informed decisions. Read more about monitoring in our technical documentation. Logging Integrity from Fortified ID is also delivered with structured logging 􏰂CEF􏰃 intended to easily feed a SIEM system. Logging & analysis can be tailoried, whether they include reporting on who did what and when or as a basis for usage/invoicing. Monitoring & Logging Fortified ID Mobile Fortified ID Mobile is a free app that lets you log in without having to use a password – you can instead scan a QR code, use your fingerprint, face recognition or a PIN code. Fortified ID Mobile can be used in three ways: as a way to securely authenticate you if you have forgotten your password. See Fortified ID Password Reset for forgotten password. as a login method every time, with a one-time code to increase the security of your account. This is called two-step verification or multi-factor authentication. See Fortified ID Access for login and authorization management. as the only login method, where you only need to scan a QR code or approve the login via a button press on your phone. This is called passwordless login. Next gen software delivery Our solutions are based on a module-based architecture, which enables a wide range of advantages for automation, monitoring and efficient management. We know these qualities are central abilities both for operations managers and DevOps. This makes it easier to have control over IT environments and, by extension, your digital identities with cost efficiency. Tech spec ACCESS API RADIUS Strong authentication SAML OIDC ADFS CUSTOM OATH Single Sign-On Container Monitoring Automation Rapid deployment SIEM ready Configuration as code Standards SAML 2.0 OAUTH ADFS Sambi Open ID Connect FIDO2 Fortified ID API Sweden Connect Functions Container Monitoring Custom branding Redundancy HTTP/2 Asynchronous WCAG / accessibility Sweden Connect (LOA 4) Rolling upgrades Rapid deployment Custom UI HSM Shared sessions SIEM ready Configuration as code Installation Docker Linux GCP Windows Azure AWS Integrations Google Azure VMware Remote desktop Cambio Oracle Oracle Citrix Skolfederation Exchange Wordpress IST Sambi Sambi ServiceNow Office 365 Tieto Education Visma Zoom TDialog TDialog AWS Dropbox Box Aweria Nginx Apache Apache Contact us First name* Surname* E-mail* Phone Message Send Sambi Sweden Connect OTP Skolfederation Authenticator Certificate Passkey EFOS SITHS eID eIDAS Freja BankID Our solutions are based on a module-based architecture, which enables a wide range of advantages for automation, monitoring and efficient management. We know these qualities are central abilities both for operations managers and DevOps. This makes it easier to have control over IT environments and, by extension, your digital identities with cost efficiency. Popular Secure MFA Methods Government Healthcare Municipalities Private org With Fortified ID RADIUS server, you can easily provide strong authentication and authorization for remote users to access your network. It receives authentication requests from RADIUS clients, such as routers, firewalls, or VPNs, verifies the user's credentials, and returns an authorization decision to the client. Radius

> Solutions > Verticals > Healthcare > Secure identity and login for Healthcare A cohesive Region IdP strategy Modern and controllable IAM for the public sector Swedish provider with regional experience Fortified ID helps healthcare organisations to simplify and secure login, SSO and authorization management for both staff, consultants and citizens – in line with regulatory requirements and complex IT environments Deep understanding of healthcare organizations IAM challenges Swedish healthcare operate in an environment where identity and authentication are governed by extensive regulations, high security requirements and many different user groups. Healthcare professionals, other regional staff, consultants and citizens have different needs for authentication methods and permissions. Fortified ID has worked closely with regions for more than 20 years and has built deep expertise in strong authentication, identity management and electronic signature. This experience makes it possible to handle both strategic choices and operational challenges in complex IAM environments, where HSA, SITHS, Inera, AD, Azure and local systems need to interact in a secure and sustainable way. Book a meeting Healthcare - PDF (SWE) Strong authentication adapted for all user groups Regions need to offer the right authentication method to the right users. For healthcare professionals, SITHS is required, today both as a card and mobile eID, with different clients such as NetID Enterprise, NetID Access and SITHS eID. Other regional personnel can use other methods such as OTP, hardware keys or e-IDs, while consultants often need equivalent access as employees. At the same time, citizens must be offered multiple login options, such as BankID, Freja eID and eIDAS, to access the regions' e-services. Fortified ID helps regions design and implement authentication solutions that meet these requirements without compromising security or user experience. Book a meeting Inera SSO and authorization throughout the entire healthcare chain After strong authentication, the user should not need to log in again during the same work session. To achieve this, support for single sign-on and proper management of session tickets, attributes and roles is required. With Fortified ID's solutions, regions can achieve SSO across both modern and legacy applications, based on standards such as SAML, OpenID Connect, ADFS and SAMBI. We also support ID mapping and ticket translation, so that the right information is delivered to each application. Authorization control can be customized both locally and centrally, including management of employee assignments, which is crucial when an identity acts in different roles in healthcare. Read more - Integrity Read more - Control Integration, management and long-term sustainability Fortified ID's solutions are built for modern operations and are adapted for DevOps-oriented organizations. It should be easy to automate, monitor and further develop the IAM solution regardless of the size of the region. We assist with integration of existing applications, API support where standard protocols are not sufficient, as well as connection to Inera's authentication services and IdP solutions. Through the combination of products and specialist expertise, we help regions reduce complexity, strengthen security and create a future-proof foundation for digital healthcare, administration and citizen services. Book a meeting Management Center Partners

Management of external accounts In an organization there are different types of accounts that need to be managed in different ways depending on their purpose and use. This page describes the management of external accounts that require access to internal resources. These accounts are often referred to as short-term workers, contractors, partners or GIG workers. Book meeting Lifecyclemanagement Movies Different types of accounts Workforce Identity (IAM) Workforce Identity refers to accounts used by people who need to access resources within the organization. These are divided into: Internal (permanent employees) Refers to permanent employment within the organization. Management of these accounts is often automated through provisioning and synchronization from HR systems to streamline the process. External (short-term workers, contractors, partners or GIG workers.) Refers to temporary accounts for people who need access to the organization's internal resources. A challenge many organizations have is where these accounts should be located. Customer Identity (CIAM) Customer Identity refers to accounts for external customers or citizens. They have no need to access internal systems. These users may use external authentication solutions, such as social accounts such as Google, Microsoft or Facebook, for login. To read more about CIAM Lifecycle management of external accounts 1. Create 2. Manage/change 3. Authentication (AuthN) 4. Authorization (AuthZ) 5. End/deactivate/extend Login for external accounts Once an external account has been created, the user must be able to authenticate to access the organization's resources. Our products support a variety of login methods, allowing you to customize authentication to your organization's needs and security requirements. BankID, Freja, Foreign eID: User-friendly and secure solutions for authentication. One-Time Password generated via apps such as Microsoft Authenticator, Google Authenticator or similar. Username + OTP SMS and email (SMTP) for easy OTP delivery. YubiKey and other hardware-based security keys. Certificates for advanced security in specific environments. Passkey, FIDO, smart cards for modern and secure authentication solutions. Federation to use existing authentication solution in the organization, or use authentication solution in the external user's organization Alternative methods E-ID Manage/change external account This process, also known as mover or crossboarding, involves making changes and updates to existing external accounts. For example, it could involve adding information, updating contact details, or changing permissions for an account. Our products offer multiple ways to handle these needs depending on the scenario and division of responsibilities. Methods for managing and modifying external accounts Allow the user to update certain parts of their account information themselves through a user-friendly portal. Examples of what the user can change: Update contact information, such as email address or mobile number. Request access to specific resources or applications. Give responsible people in your organization the right to manage external accounts for which they are responsible. Example scenario: Account managers can change account information, assign new roles, or update permissions. A line employee can manage accounts associated with their department or project. Externally responsible accounts can manage accounts for their subordinates or teams. Certification: Annual confirmation process where account managers verify that the external accounts they are responsible for are still current and accurate. 2. Delegated administration Automate the process to ensure account information is up-to-date and accounts are managed efficiently. Examples of automated solutions: Synchronization with external systems to automatically update account data. Automated notifications to account managers when an account is close to being deactivated, providing the opportunity to extend the validity period. 3. Automation 1. Self-registration Let external users sign in with their own accounts from their organization via federation. Updated credentials or account information is sent in the federation ticket and the receiving organization updates account data accordingly. Summary Efficiently manage and modify external accounts through a combination of self-administration, delegated administration, and automation. This ensures that account information is always up-to-date and that external accounts are managed in a secure and structured manner. 4. Federation Create external account The process of creating external accounts, also known as onboarding or joining, can vary depending on the needs and technical capabilities of the organization. Ideally, the process should be automated, but some form of manual handling is often required. It is important that the responsible person in the organization who manages external accounts, such as a consultant or summer worker, can verify that the person is who they claim to be. Our products offer several solutions to meet these needs depending on the scenario. Methods for creating external accounts Use self-registration to allow external users to create their own accounts using a verification method, such as e-ID. Example scenario: A prospective consultant receives a link to a registration page. The consultant authenticates with e-ID to confirm their identity. The consultant fills in and verifies their email address and mobile number. An email is sent with login details, or the consultant can directly access a portal with their applications. A notification is sent to the person responsible in the organization that the account has been created. Possibility of an approval process before the account is activated. Let internal administrators handle the creation of external accounts through a delegated process. Example scenario: An employee, for example from the finance department, requests that a consultant account be created. The finance person completes the consultant registration page. An optional approval process can be implemented, where one or more people review and approve the creation of the account. 2. Delegated administration If external accounts already exist in a data source, such as Entra, Google, or a text file, our products can automatically import and create accounts in the system the organization uses. 3. Automation 1. Self-registration Allow external users to log in with their own accounts from their organization via federation. Example scenario: A partner organization establishes a federation with your organization. The partner's users log in with their existing account credentials and gain access to specific resources. Other Set a default length for how long external accounts should be active before they are deactivated. Notify the administrator if an account is about to expire, and allow for the option to extend. 4. Federation Permission control for external accounts After authentication, the user needs the right permissions to work in the assigned systems. Our products offer support for: Assign systems and applications: Specify which resources the user should have access to. Application rights management: Define the user’s level of access within each application. Self-administration for access requests: Let the user request access to resources, which may require approval from an account manager. Role-based access: Assign a role that automatically grants the user access to predefined resources and permissions. Terminate, deactivate, and extend external accounts When an external account is no longer needed – for example, when a consulting assignment has ended – the account should be deactivated or deleted. In some cases, the account may need to be extended if the collaboration continues. Support for deactivation and extension Set end date upon creation: A deactivation date can be defined right from the account creation. Notifications to account owners: The account owner is informed of the status and can deactivate or extend the account if necessary. For example, when 30 days remain before the account is deactivated, an automatic notification is sent to the person responsible, who can choose to extend the account. Account extension If a master data system is connected, its rules can control the account lifecycle, including deactivation and deletion. Integration with customer data source Automated deactivation processes Upon deactivation, all permissions may be automatically removed from the account. The account may be moved to a dedicated inactive account location for secure management and archiving. Inactive account management Mer att tänka på Register Just as with employees, who are often initially registered in an HR system and then automatically provisioned to different systems, external accounts also need a register where they are first placed. Unlike internal accounts, however, it is unusual for this to happen in the organization's HR system. To choose a register for external accounts, priority should be given to a solution that is both cost-effective and where the organization has relevant expertise. Examples of registers: LDAP: If the organization already works with LDAP, ADLDS may be a natural choice. SQL: If SQL is an established solution internally, it may be appropriate to choose. Cloud services: For organizations with experience with services such as Entra or Google, these options are preferred. Our products can be integrated with all of these technologies, making it possible to choose the one that best suits your needs and skills. Account owners and notifications Each account created is linked to a responsible owner. Notifications can be automated to notify the owner when an account is being deactivated. The owner can easily extend the validity of the account if necessary. Certification Automated certification processes where the account owner receives an annual reminder via email to confirm that the account should still be active and belong to them. Contact us First name* Surname* E-mail* Phone Message Send

Secure and efficient management of identities and logins for schools IAM for education This page describes how Fortified ID Integrity can be used to meet the requirements for authentication against the Digital National Exam (DNP), via the School Federation. Many of the principals today use Microsoft Entra, Microsoft ADFS or Google as IdP. The challenge with these IdPs is that they do not support Swedish methods that may be required for a service! 11. Flexible delivery Install and manage yourself in your own data hall. Use as a cloud service for easy and secure operation. 10. Automation and Synchronization Automate the management of accounts and permissions across different systems, for example from AD to Google. See movie 9. Delegated administration Let teachers administer certain student tasks and permissions, which increases efficiency and reduces the burden on the IT department. See movie 8. Delegated password reset Create and manage unique user identifiers (eduPersonPrincipalName) for applications that require this, for example DNP. 7. Password reset with e-identification Create and manage unique user identifiers (eduPersonPrincipalName) for applications that require this, for example DNP. 6. Generation and storage of eppn Create and manage unique user identifiers (eduPersonPrincipalName) for applications that require this, for example DNP. See movie 5. Login for Digital National Exams (DNP) Provides both software and expertise to ensure quality IAM solutions from start to finish. 4. Software & consulting services (Fortified Integrity) Provides both software and expertise to ensure quality IAM solutions from start to finish. 3. IdP Proxy Solutions Microsoft IdPs (Entra ID or ADFS): Perform step-up authentication for LOA2, 3 or 4. Google IdPs: Provides step-up authentication for higher security requirements. Okta IdPs: Same support as for Microsoft and Google. 2. SP for the School Federation Ensure your service meets School Federation requirements, trust levels and attributes. 1. IdP for the School Federation. Enables school principals to connect to the School Federation and offer Single Sign-On (SSO) to a large number of school services, such as Schoolsoft, NE and Google Classroom. Fortified ID works with existing storage areas such as Active Directory, Google and Entra ID. Features and services that Fortified ID offers: DNP Guide Book a meeting Read PDF DNP Demo Benefits Security : Meets requirements from the School Federation, School Administration and Digg, including LOA2–4. Efficiency : Automated processes and delegated administration reduce the workload of IT staff. Compatibility : Works with existing systems such as Active Directory, Google and Entra ID. Ease of use : Simple password reset and Single Sign-On for both teachers and students. Future proofing: Compatible with other federations such as Sambi, Sweden Connect and SWAMID. Compatible with the Internetstiftelsen's new "federation concept". Ready for DNP and other services with high security requirements. OpenID Connect certified solution. Flexibility : Customized solutions that can be implemented as a local installation or cloud service. Book a meeting

Videos DEMO: Delegerad administration för en butikskedja (Jysta) Patientjournaler i svenska ambulanser Fortified ID Attest Demo - create custom "Request-Approve" workflows Integrity - Enrollment Introduction Control - Automate - Introduction Microsoft Entra External eID login (SAML) Microsoft Entra External eID login (OIDC) Forms Demo - Delegated administration Forms - Demo external workforce Forms - Introduction Management Center - Configuration Management Center - Management Freja orgID onboarding Freja orgID offboarding Integrity - Application Portal Fortified ID Integrity - Enrollment Fortified ID Password Reset DEMO: Fortified ID Password Reset Demo: Fortified ID Password Reset Externa konton del 1 av 7 - Översikt och introduktion Externa konton del 2 av 7 - SKAPA - SJÄLVREGISTRERING Externa konton del 3 av 7 - ÄNDRA - DELEGERAD ADMINISTRATION Externa konton del 4 av 7 - ÄNDRA - SJÄLVADMINISTRATION OCH ANSÖK-GODKÄNN Externa konton del 5 av 7 - AUTENTISERA - & - AUKTORISERA Externa konton del 6 av 7 - AVSLUT-AVAKTIVERING-FÖRLÄNGNING

On / off-boarding of Freja eID / orgID Freja eID / OrgID With Fortified ID's Freja OrgID packaging, you and your organization can easily: Authenticate users with a Freja OrgID Onboarding and offboarding of Freja OrgID. We offer three ways for onboarding: Self-administration, delegated by another user or automated Freja eID / OrgID Supply Support for all DIGG approved LOA2 and LOA3 methods. The school principal can choose which, or which, methods teachers and school staff should be able to choose. Dealer of BankID and Freja eID & OrgID. Flexibility With flexible configuration options, Fortified ID Integrity can both signal trust according to requirements and control when step-up authentication is required, based on incoming information in an authentication request, attributes from existing idp, etc. Fortified ID generates unique eppn for the school's teachers and students, which are stored in the organization's directory (eg AD, Google, Entra). Competence Our experts have extensive experience with federations both at national and international level, login methods and authentication levels. Fortified ID is always there as support to ensure a good and quality delivery. Architecture In the cloud or on-premise. Since the solution does not require communication with user directories, it can be run in the cloud. It is also possible to install it locally, i.e. on-premise. Book a meeting Global Accessibility with Freja Citizens from 167 countries around the world can register in Freja with their biometric passport. This means that both: People who live in Sweden but are not Swedish citizens People who live outside of Sweden can use Freja for secure digital identification. For companies that need to interact with a global target group, Freja is the only e-identification in Sweden that makes this possible – and opens the door to hundreds of millions of potential users worldwide. Book a meeting

Training Knowledge in digital identity is central to succeed with your digitalization journey. Fortified ID offers a range of different training courses in digital identity that strengthen your organisations level of competence. Most courses are product independent and cover standards and best practices. Fortified ID's training provides your organization with knowledge in secure login, federation, identity management, decentralized identity and much more. Time: 9 - 16 - Location: Online - Free of charge Target Audience IT personnel with various roles such as architects, technical sales/presales, consultants, support engineers or system administrators. Knowledge prerequisites No prerequisites. Training content What is the purpose of Integrity Different use case and scenarios Overview of system requirements, installation, operation and management Overview of configuration TBD Fortified ID Integrity Introduktion Technical Overview - 3 hours Time: 9 - 12 - Location: Online - 4000 SEK Target Audience IT personnel with various roles such as architects, technical sales/presales, consultants, support engineers or system administrators. Knowledge prerequisites Fortified ID Integrity Administration and Configuration Training content Overview Data model Troubleshooting TBD Fortified ID Integrity Data Model and Troubleshooting - 3 hours Time: 9 - 16 - Location: Online - 8000 SEK What is Identity Federation? How does it work, and why should your enterprise care? The class is both theoretical and practical. Target Audience IT personnel with various roles such as architects, technical presales, consultants, support engineers or system administrators. Knowledge prerequisites Basic knowledge in the areas of HTTP. Training content Why Identity Federation? Use case examples of implementation of SAML, Federation and SSO Fundamentals of SAML 2.0 Single Sign-On (SSO) Architecture Messages with Encryption and Digital Signatures Debugging SAML Issues with Google Chrome and SAML-tracer Fundamentals of URL and Base64 Encoding, Cryptographic Hashing, RSA Encryption and Digital Signing SAML compared with WS-Trust, OAuth 2.0, and OpenID Connect. TBD Master Identity Federation SAML - 1 day Time: 8:30 - 12 - Location: Online - 4000 SEK Target Audience IT personnel with various roles such as architects, technical presales, consultants, support engineers or system administrators. Knowledge prerequisites Basic knowledge in the areas of HTTP. Training content Why Decentralized Identity? What is Verifiable Credentials? Use case examples EU Digital Identity Wallet (EUDI Wallet) Fundamentals of Verifiable Credentials Architecture Basic PKI functions, encryption and signatures Basic blockchain technology overview Fundamentals of Decentralized identifiers (DIDs), issuers, verifiers, holders and wallets Practical examples Debugging Personal reflections TBD Master Identity Wallets and Decentralized Identity Choose training* First name Surname E-mail* Company name* I hereby agree that Fortified ID may use the information above to be able to perform the services that the company offers. * Submit Time: 9 - 16 - Location: Online - 8000 SEK Target Audience IT personnel with various roles such as architects, technical sales/presales, consultants, support engineers or system administrators. Knowledge prerequisites Fortified ID Integrity Introduction - Technical Overview - 3 hours Good knowledge in the areas of LDAP, HTTP and federation. Training content Installation Configuration Data model Integrity Portal Integrity Web Infrastructure Integrity Enrollment (extra) Control - Password Reset (extra) Integrity RADIUS (extra) TBD Fortified ID Integrity Administration and Configuration - 1 day Registration

13 Mars kl 09:00 Att hantera digitala identiteter och behörigheter för anställda är oftast en väldefinierad process – men hur gör man när externa användare behöver tillgång till dina interna resurser? Konsulter, underleverantörer och andra externa aktörer innebär unika utmaningar för organisationer. Här är några av de mest kritiska områdena att hantera: Livscykelhantering Hur säkerställer man en effektiv och säker hantering av identitetslivscykeln – från onboarding till offboarding? Automatisering : Kan processerna för onboarding och offboarding effektiviseras? Självservice : Hur kan externa användare själva bidra till en smidig onboarding? Delegerad administration: Vem ansvarar för att administrera och underhålla externa användares åtkomst? Åtkomst Hur hanteras behörigheter för externa användare på ett säkert och kontrollerat sätt? Identifiering : Hur vet vi att den externa användaren är den som hen uppger sig att vara? Har den externa användaren med sig en stark inloggningsmetod, tex BankID eller Freja, som kan användas för säker identifiering? Tilldelning och återkallande : Hur tilldelas och revokeras behörigheter enkelt och säkert? Självbetjäning: Kan användare själva begära ytterligare behörigheter vid behov? Privilegierad åtkomst: Hur hanteras tillfälliga åtkomster med hög säkerhet? Uppföljning och kontroll Hur säkerställs att externa användare kontinuerligt hanteras korrekt och i linje med organisationens krav? Kontinuerlig granskning: Hur ser processerna för regelbunden uppföljning ut? Säker differentiering: Hur skiljer man interna och externa medarbetare åt på ett säkert och effektivt sätt? Genom att strukturera och optimera dessa områden kan organisationer både möta dagens säkerhetskrav och skapa smidiga processer för hantering av externa användare. 🎯 Välkommen till vårt webinar! Vi på Fortified ID bjuder in verksamhetsutvecklare och IT-specialister till en inspirerande session där vi delar bästa praxis för strategier och implementering av lösningar för hantering av externa användare. Under sessionen kommer vi att fokusera på hur våra produkter och lösningar kan bidra till att: Höja säkerheten Minska risker Öka kontrollen Sänka kostnaderna Välkommen att ta del av insikter och konkreta tips som kan hjälpa er att optimera er hantering av externa användare! 🗓 Datum: Torsdag 13:e Mars ⏰ Tid: 09:00–10:00 Det här får du med dig: ✔ Livscykelhantering : Lär dig om Joiner-Mover-Leaver-processer och hur du kan förenkla onboarding, crossboarding och offboarding för externa medarbetare. ✔ Ersätt eller komplettera: Utforska om du kan förstärka befintliga lösningar eller om det är dags att börja från grunden. ✔ Marknadsöversikt: Se hur våra lösningar skiljer sig från andra system på marknaden. 📢 Missa inte chansen att: Få insikter om hur du strukturerat kan ge externa användare tillgång till interna resurser, med kontroll och uppföljning. Säkerställa att din organisation är redo för framtidens identitetshantering. Anmäl dig idag och ta ett viktigt steg mot en effektivare och säkrare hantering av externa användare! Anmäl dig här Webinar: Externa Användare 13:e Mars - Kl 09 : 00 Ge externa användare tillgång till interna resurser - livscykelhantering, åtkomst och uppföljning/kontroll. Hantering av externa användares identiteter, säker onboarding och administration. Säker åtkomst innebär identifiering, behörighetstilldelning och självbetjäning. Kontinuerlig uppföljning säkerställer regelefterlevnad och säkerhet. Läs mer Anmäl dig här

Municipalities face challenges with identity management, secure login and access control. We help municipalities create a modern, secure and user-friendly IAM platform that supports both employees and citizens, without compromising control or security. > Solutions > Verticals > Municipalities > Secure identity and login for Municipalities Flexible municipal IdP Modern and controllable IAM for the public sector Swedish provider, vast municipal experience Municipalities face challenges with identity management, secure login and access control. We help municipalities create a modern, secure and user-friendly IAM platform. Reduce licensing, operational and management costs by consolidating authentication and identity services into ONE common solution. Deep understanding of the municipality's IAM challenges Municipalities operate in a digital reality where both internal and external users need access to many different systems and e-services. Employees, consultants, students, guardians and citizens have different needs for authentication, authorization and access. In addition, digital welfare services often require integration with both national e-identifications and internal directories. Fortified ID has extensive experience in helping municipalities create a coherent and secure identity architecture that solves these challenges. We start from the municipality's existing IT environment, map target groups and use cases, and design solutions for strong authentication, Single Sign-On, password reset that strengthen both security and user experience, without creating unnecessary complexity for operations and management. Life after MIM Municipality - PDF (SWE) Strong, flexible and secure authentication for all users To meet the needs of both businesses and citizens, authentication methods are required that are both secure and easy to use. Fortified ID helps municipalities offer well-adapted authentication flows based on user group and service. With support for e-identifications such as BankID, Freja eID, SITHS and other modern methods, the municipality can offer secure login for everything from intranets, e-services, school platforms and welfare applications. IAM / School DNP PDF Entra ID Single Sign-On and correct authorization for the entire municipality After secure authentication, users should not have to log in multiple times during the same workflow or case management. With Fortified ID, municipalities can implement Single Sign-On (SSO) that works across both modern and legacy systems. We support standards such as SAML, OpenID Connect, ADFS and more to create seamless authentication flows. In addition to SSO, we help secure attribute management, roles and authorization decisions, so that the right user gets the right access based on service, responsibility and need. This is especially important in municipal operations where the same person can have different roles (e.g. teacher, parent, citizen) in different contexts. We also support ID mapping and ticket translation, so that the right information is delivered to each application. Authorization control can be customized both locally and centrally, including management of employee assignments, which is crucial when an identity acts in different roles in healthcare. Read more - Integrity ADFS Integration, management and long-term sustainability Fortified ID solutions are built to work with your municipality's existing infrastructure, whether you use on-premises directories, cloud-based services, or a hybrid model. We help integrate both internal systems and external services, creating an identity platform that is easier to manage and evolve over time. By working with standards, open protocols, and a clearly documented architecture, you reduce dependencies, simplify the transition between technology generations, and build a platform that stands the test of time. With Fortified ID as your partner, you not only get technical implementation, but also strategic advice to ensure that your IAM solution supports both today's and tomorrow's needs. Book a meeting Management Center ONE common identity platform, low TCO Many municipalities today use multiple parallel solutions for authentication, federation, e-identification and identity management. This often leads to higher licensing costs, more complex management and more dependencies between different providers. With Fortified ID's IdP, the municipality can gather these functions into a common platform for identity and access. By consolidating multiple services into one solution, both operational costs and technical complexity are reduced while giving you better control over the identity environment. With Fortified ID's identity platform, the municipality can: • Consolidate authentication and identity services into a common solution • Reduce licensing, operational and management costs • Gain better control over identities, access and secure login Read more - Integrity ADFS Partners

Password Reset Password Reset from Fortified ID simplifies the management of secure password reset for your organization. Users can easily and securely create a new password through self-service without having to contact their employer's IT support. Users with personnel responsibility (manager, teacher, partner/consultant manager) can reset passwords on behalf of another user. Your organization becomes more efficient as the time that the end user does not have access can be greatly shortened. In addition, IT personnel can also devote themselves to more constructive and proactive work. Methods Architecture Tech spec Certificate EFOS SITHS eID eIDAS Freja BankID With Password Reset from Fortified ID, users can use a plethora of methods to prove that they are the person they claim to be. Fortified ID offers among other things BankID*, Freja eID*, Siths eID. It is also possible to use your existing Identity provider if desired. * Requires approval of use case Popular secure methods Password Reset from Fortified ID also includes a feature to delegate password reset to another user, we call it “on behalf of”. This could be a manager, service desk, teacher or other selected function. Example Bobby Clarke is a teacher who has the ability to reset passwords for his students. When Bobby logs in, he can choose which student to reset the password for. Everything is logged so that you can see in retrospect that it was Bobby who reset which student's password. On behalf of Password Policy It must be easy for the user to see when he changes his password that it meets the policy that his organization has, at the same time it must be easy for an administrator to configure the password rules that must be met. Look & feel, custom language The user should feel at home and easily understand what he has to do. The product can be easily adapted to the user's look and feel. The product comes with a number of languages and can easily be extended for additional languages. Multiple data sources The product supports a number of the known user data sources that are used today, e.g. Active Directory, Microsoft Entra ID and Google. When the password needs to be updated, the product can also write to several data sources at the same time. Complex password policy Technical specifications Password Reset from Fortified ID is designed with architecture that uses modern ways to install. This also creates new conditions for monitoring and analysis of how the system is doing and how it performs. Password reset methods BankID EFOS SITHS eID Skolfederation Passkey Suomi.fi Freja OrgID SAML Broker NetID OTP Azure ID-porten Freja eID Plus X.509 Certificate SITHS SWAMID Google FIN eID smart card eIDAS Svenska pass Sambi Telia eID ADFS Common smart card Functions Self-service Complexity control Custom branding Several data sources Monitoring Several data sources Delegated password reset SIEM ready Installation Docker Linux GCP Windows Azure AWS Integrations Google Azure VMware Remote desktop Cambio Oracle Citrix Skolfederation Exchange Wordpress IST Sambi ServiceNow Office 365 Tieto Education Visma Zoom TDialog AWS Dropbox Box Aweria Nginx Apache Contact us First name* Surname* E-mail* Phone Message Send

In order for a user to be able to use strong authentication, it is preceded by an activation/registration for the user. With Fortified ID Enrollment, a user can do this easily on their own or designated administrators can do this for the user. For example, a support technician can prepare a mobile phone so that it both has the app (e.g. Microsoft Authenticator) installed but also is tied to the user's account. > Products > Integrity > Confirm > Confirm Confirm is a complete solution for secure identity verification when users call a helpdesk or support organization. The product is available in two variants, both of which protect against social engineering, identity fraud and incorrect access in sensitive cases. Why Confirm is needed Prevents unauthorized access and reduces the risk of data leaks Protects against social engineering and role hijacking Ensures proper case management in sensitive support situations Builds trust through transparency and strong authentication Makes verification fast, easy, and integrated into the helpdesk flow Overview Get started eID as a secure verification method in Confirm Confirm includes a dedicated flow for reverse eID verification, developed to ensure that the caller is indeed the individual stated. Below is an example with mobile BankID. 1. Support initiates the verification The employee enters the user's social security number and a verification text to be displayed in the BankID app. The system then sends a BankID request to the correct person. 2. Information and consent The user is informed that a verification is being initiated and that certain personal information is being shared for the purpose of establishing identity. Consent is required to continue. 3. Authentication in BankID The person receives a notification in their BankID app, reads the verification text and signs to confirm their identity. 4. Automatic validation in the system After signing, support receives immediate notification that the person has been authenticated with a valid BankID, along with relevant account data for the case. 5. Proof of possession To verify that the same individual is on the phone, the user can read out the verification text from their BankID app — a simple but effective proof of possession. 6. Secure and correct case handling Once the identity is confirmed, support can continue handling without the risk of confusion or fraud attempts. Confirm via verification code Confirm also offers a verification flow with a time-limited one-time code, designed to ensure that the caller is indeed the same individual who is logged into the service. 1. Login The user logs into the service with their username, password or e-ID. 2. Information and consent The service informs the user that personal information will be shared with support in order to enable identification and correct case management. The user must actively approve this before the function can be used. 3. Initiation of verification When contact with support is needed, the user selects the option "Verify me". The system then packages the relevant login data as well as any supplementary information from the customer's own system, such as customer number, case ID or user profile. The information is temporarily stored for use during validation. 4. Generation of verification code The system creates a unique and time-limited code that is displayed to the user on the screen. 5. Code Sharing The user reads the code to the support person on the phone. 6. Code Validation The support person enters the code into their system. Confirm checks that the code is valid, links it to the previously packaged login and customer data, and confirms that the person on the phone is the same logged-in user. 7. Confirmed Identity Once the verification is approved, support can continue the case in a secure and correct manner, with access to the information needed to help the user. Confirm offers either one-time code verification or reverse eID verification with BankID, allowing organizations to choose the method that best suits their processes and user groups. Both variants are based on clear consent, a strong connection between Confirm BankID eIDAS EFOS Certificate Skolfederation Svenska Pass Sweden Connect Sambi SITHS eID Passkey Authenticator eduID Telia Freja eID Freja orgID ID Porten Suomi.fi Authenticator OTP FIDO ADFS Popular Secure MFA Methods Our solutions are based on a module-based architecture, which enables a wide range of advantages for automation, monitoring and efficient management. We know these qualities are central abilities both for operations managers and DevOps. This makes it easier to have control over IT environments and, by extension, your digital identities with cost efficiency.

Control från Fortified ID är en lösning som fokuserar på säker och effektiv hantering av digitala identiteter och dess behörigheter. Lösningen hjälper till att förenkla och automatisera processer för att hantera användarbehörigheter, rollbaserad åtkomst, grupptillhörigheter, on-boarding/off-boarding med mera. Modern Identity Management Control from Fortified ID is a solution that focuses on secure and efficient management of digital identities and their permissions. The solution helps simplify and automate processes for managing user permissions, role-based access, group memberships, on-boarding/off-boarding and more. This provides more efficient and cost-saving management of the organization's processes for identity management, without compromising on security. Forms Automate Attest Password reset Password reset Attest Automate Forms With the various functions of Control from Fortified ID, the organization can simplify and ensure that the right user has access to the right system and data, while providing better control and overview when reporting. Identity lifecycle control Government Healthcare Municipalities Private org Forms is an application for digitizing process flows. Examples can be creating users (e.g. employees, consultants, partners), editing users or listing "my users" or "my groups". With Forms you get access to a tool to create web-based flows to delegate the administration to the users responsible for certain information in a simple way. With Forms, you can also build self-service flows and self-registration of users. In case of self-registration, a user proves himself with e.g. BankID where information is extracted and used to allow the user to create their own account. Forms Movie Automation provides the ability to read data from one or more systems, change or influence the data and then write it to one or more source systems. Examples could be reading data from an HR system and looking for newly created users, reading in these users and creating them in, for example, Active Directory, Google or Microsoft Entra ID. All without the influence of an administration or user. Automation Attest adds for Forms and Automation the ability to bring in approval flows. Instead of a user being created/changed directly, one or more users must approve this change. An example could be requesting access to a group that protects a resource where, for example, a group administrator/owner must approve who gets access to the resource. The solution can be installed locally, in the cloud or as a hybrid solution. The ability to easily move the solution between test and production environments has been made extremely easy. Read more about automation in our technical documentation. Attest Password Reset from Fortified ID simplifies the handling of secure password reset for all organizations. Users can easily and securely create a new password through self-service without having to contact their employer's IT support. Your organization becomes more efficient as the time that the end user does not have access can be significantly shortened. In addition, IT personnel can also devote themselves to more constructive and proactive work. On behalf of Password Reset from Fortified ID has a function to delegate password reset to another user, we call it password reset "on behalf of". It can be a manager, service desk, teacher or other selected function. Password Reset Read more Tech spec Control is designed with architecture that uses modern ways to install and upgrade the product. Read more in our technical documentation. Integrationer Google Azure Installation Docker Linux ODBS/JDBC GCP Entra ID LDAP Windows Azure SQL Server AWS Next gen software delivery Our solutions are based on a module-based architecture, which enables a wide range of advantages for automation, monitoring and efficient management. We know these qualities are central abilities both for operations managers and DevOps. This makes it easier to have control over IT environments and, by extension, your digital identities with cost efficiency. Tech spec Onboarding Workflow IGA Automate Attest Container Monitoring Automation Rapid deployment SIEM ready Configuration as code Forms Delegated admin IDM ∞ Contact us First name* Surname* E-mail* Phone Message Send

As the digitalization of healthcare accelerates, it is more important than ever that the solutions we build actually fit in. That is why we at Fortified ID are particularly proud of how our products harmonize with Inera’s reference architecture. The platform offers support that Regions are influenced by current standardized protocols, enabling interoperability, secure authentication, and delegated access. – powered by Fortified ID Move Identity as a Service Med Move Identity as a Service får ni en helhetslösning för säker inloggning, delegerad administration och effektiv identitetshantering – levererad som en skalbar SaaS-tjänst. Tjänsten baseras på Fortified ID:s plattform, och gör det enkelt för ert företag att kombinera hög säkerhet med användarvänlighet, oavsett målgrupp: kunder, supportorganisation eller interna administratörer. Kärnfunktioner Central autentisering (Fortified ID Integrity) En flexibel autentiseringstjänst som stödjer olika metoder och flöden anpassade för respektive användargrupp. Delegerad administration & självservice (Fortified ID Control) Avlasta IT med delegerad administration, självregistrering, provisionering och recertifiering. Single Sign-On (SSO) Tjänsten levererar signle sign-on till kundens andra system och applikationer. Fördelar för er organisation • Säker autentisering med e-legitimationer – stöd för BankID, Feide, ForeignID och ID-porten. • Minskad belastning på IT – tack vare kontrollerad delegering och självservice för slutanvändare. • Automatiserad livscykelhantering – effektiv onboarding och offboarding av användare och grupper utan manuell hantering. Maximera Microsoft Entra ID Move Identity as a Service är utformad för att komplettera och förstärka Microsoft Entra ID. Med våra lösningar tar ni identitetshanteringen till nästa nivå, anpassad för moderna IT-organisationer med höga krav på både säkerhet och enkelhet. Kärnfunktioner Central autentisering (Fortified ID Integrity) En flexibel autentiseringstjänst som stödjer olika metoder och flöden anpassade för respektive användargrupp. Delegerad administration & självservice (Fortified ID Control) Avlasta IT med delegerad administration, självregistrering, provisionering och recertifiering. Single Sign-On (SSO) Tjänsten levererar signle sign-on till kundens andra system och applikationer. Fördelar för er organisation • Säker autentisering med e-legitimationer – stöd för BankID, Feide, ForeignID och ID-porten. • Minskad belastning på IT – tack vare kontrollerad delegering och självservice för slutanvändare. • Automatiserad livscykelhantering – effektiv onboarding och offboarding av användare och grupper utan manuell hantering. Maximera Microsoft Entra ID Move Identity as a Service är utformad för att komplettera och förstärka Microsoft Entra ID. Med våra lösningar tar ni identitetshanteringen till nästa nivå, anpassad för moderna IT-organisationer med höga krav på både säkerhet och enkelhet. Close eID / VC IDombud Close IAM / IGA CONTROL Close IdP / MFA / SSO INTEGRITY Kommun.. ...ger anställda möjlighet att återställa lösenord med Bank ID. Läs användningsfall Myndighet... ...har löst Joiner-Mover-Leaver (JML) för alla sina användare med hjälp av lösningar från Fortified ID. Läs mer om JML Energibolag... ...låter sina kunder att säkert autentisera sig till mina sidor med Bank ID och anställda att välja mellan flera olika MFA metoder. Läs användningsfall Finansbolag... ...använder Fortified ID för att låta sina kunder ansluta säkert med BankID. Läs mer om Integrity Region... ...använder lösningar från Fortified ID för att lösa SITHS som säker inloggningsmetod mot ADFS. Läs Användningsfall Popular Integrations

Fortified ID as a complement to Versasec Complement Versasec Versasec and Fortified ID complement each other by offering an integrated solution for secure authentication and user management. Thanks to delegated activation of security keys for the user, the user does not need to do anything when they start their employment. Onboarding and activation of, for example, FIDO keys can be done both delegated or as self-service, creating simplicity for both users and administrators. See Video Fortified ID Fortified ID provides secure login and user authentication solutions, enabling the use of security keys in a variety of environments. Their systems offer: Customizable login: Support for multiple authentication methods that can be easily integrated with security keys from Versasec. Easy user experience: Single sign-on (SSO) that allows the user to log in once and gain access to all systems and services. Flexibility: Can be installed locally (on-premise) or as a cloud service. Integration: Connections to various data sources such as Active Directory, Entra ID, Google and SQL-based systems, as well as the ability to consolidate data from multiple sources. Book a meeting See Video Benefits High security: The combination offers multi-factor authentication that is resistant to phishing. User convenience: The security key is pre-configured and enables quick access to multiple services via SSO. Flexibility and scalability: Suitable for both organizations with on-premises installation requirements and those who prefer cloud-based solutions. Centralized data integration: Ability to retrieve and consolidate user data from multiple systems for efficient and secure authentication. This combination is ideal for organizations looking for a secure, user-friendly and customizable authentication solution. Book a meeting Versasec Versasec vSEC:CMS handles the issuance and administration of security keys. These keys can be configured with PIN policies and equipped with certificates for authentication and signing. Solution offers: Flexibility : Support for various types of security keys, including Smart Cards and Windows Hello for Business. Efficiency : Automated batch issuance and self-service options for users. Security : Ability to use FIDO2 and other modern authentication standards. Visit versasec.com See Video

Fortified ID Integrity solves the challenges of Digital National Exams Digital National Examination (DNP) This page describes how Fortified ID Integrity can be used to meet the requirements for authentication against the Digital National Exam (DNP), via the School Federation. Many of the principals today use Microsoft Entra, Microsoft ADFS or Google as IdP. The challenge with these IdPs is that they do not support Swedish methods that may be required for a service! DNP Guide Book a meeting Read PDF DNP Demo Benefits Supply Support for all DIGG approved LOA2 and LOA3 methods. The school principal can choose which, or which, methods teachers and school staff should be able to choose. Dealer of BankID and Freja eID & OrgID. Flexibility With flexible configuration options, Fortified ID Integrity can both signal trust according to requirements and control when step-up authentication is required, based on incoming information in an authentication request, attributes from existing idp, etc. Fortified ID generates unique eppn for the school's teachers and students, which are stored in the organization's directory (eg AD, Google, Entra). Competence Our experts have extensive experience with federations both at national and international level, login methods and authentication levels. Fortified ID is always there as support to ensure a good and quality delivery. Architecture In the cloud or on-premise. Since the solution does not require communication with user directories, it can be run in the cloud. It is also possible to install it locally, i.e. on-premise. Book a meeting

News

Solutions We are experts in identity management and help your organization set up an authentication solution that works for the entire business, whether the users are employees/consultants or citizens/partners/retailers. With our long experience in integrating with a wide range of applications and systems, you can focus on your core business instead of authentication, authorization and access. Komplement MIM Fortified ID Control can be used as a complement to MIM. Fortified ID Control offers a modern interface with configurable flows that can be adapted to the specific needs of the organization. With Fortified ID Control, organizations can implement self-service, delegated administration and password reset flows Book a meeting Read more Fortified ID modernizes IAM for organizations by adding an API gateway. This creates conditions for supporting organizations in several scenarios. Integrity's API gateway can: act as a bridge for data exchange and data formatting, Cloud-to-cloud and cloud-to-native. e.g. enrichment of Custom Claims Provider in Azure act as backend support in a variety of applications, e.g. identity administration, outsourced configuration, self-registration, account sync, merge and enrich data from many different information sources. support ADFS MFA providers from Fortified ID. Can be run on-premise or in cloud (for example, for service delivery to multiple customers) Previously, Integrity from Fortified ID can solve strong authentication, single sign-on and an application portal. Of course, adapted for modern (DevOps) operation with option for container delivery, monitoring and traceability. API gateway IdP Broker / Proxy The number of Identity Providers (IdP's) continues to increase and there is a large variation in what types of use cases that these can implement. In addition to delivering a full-scale IdP, Fortified ID Integrity can act as a broker/proxy and thereby deliver functionality and meet requirements that existing solutions cannot meet for various reasons. Do you have an IdP that cannot be connected to a certain federation due to connection rules? Fortified ID Integrity is compatible with many federations such as Sweden Connect, Skolfederation, SAMBI, SWAMID, eIDAS. Fortified ID offers two options: You replace your existing IdP with Fortified ID Integrity that meets all connection requirements. You keep your existing IdP but let Fortified ID Integrity act as Proxy/Broker. which becomes an intermediary between your existing IdP and your federations, in a way that you can easily fulfill all connection requirements. Application Identity Gateway Fortified ID Application Identity Gateway adds an identity layer to your application or service without you having to program functionality yourself. This solution increases security by adding e-credentials, which ensures that access to your services is both safe and reliable. In addition, the traceability of accounts and permissions is improved, enabling better tracking and auditing of user activities in accordance with regulatory compliance for NIS, GDPR, etc. Book a meeting PDF ADFS adapter With the Fortified ID ADFS adapter, any MFA method or e-legitiomation can be added as an authentication method to ADFS. The solution is very cost-effective because the systems within the organization that are already connected to ADFS do not need to change anything! The graphical interface, the one that meets users, is fully customizable to be able to align with the organization's graphical profile. It is possible to turn off/on the requirement for MFA or eID authentication for a user based on a number of criteria, for example which system the user is about to log into, if the user is in the office or from home, if the user is connecting from a trusted unit etc Read More