Password Reset Password Reset from Fortified ID simplifies the management of secure password reset for your organization. Users can easily and securely create a new password through self-service without having to contact their employer's IT support. Users with personnel responsibility (manager, teacher, partner/consultant manager) can reset passwords on behalf of another user. Your organization becomes more efficient as the time that the end user does not have access can be greatly shortened. In addition, IT personnel can also devote themselves to more constructive and proactive work. Methods Architecture Tech spec Certificate EFOS SITHS eID eIDAS Freja BankID With Password Reset from Fortified ID, users can use a plethora of methods to prove that they are the person they claim to be. Fortified ID offers among other things BankID*, Freja eID*, Siths eID. It is also possible to use your existing Identity provider if desired. * Requires approval of use case Popular secure methods Password Reset from Fortified ID also includes a feature to delegate password reset to another user, we call it “on behalf of”. This could be a manager, service desk, teacher or other selected function. Example Bobby Clarke is a teacher who has the ability to reset passwords for his students. When Bobby logs in, he can choose which student to reset the password for. Everything is logged so that you can see in retrospect that it was Bobby who reset which student's password. On behalf of Password Policy It must be easy for the user to see when he changes his password that it meets the policy that his organization has, at the same time it must be easy for an administrator to configure the password rules that must be met. Look & feel, custom language The user should feel at home and easily understand what he has to do. The product can be easily adapted to the user's look and feel. The product comes with a number of languages and can easily be extended for additional languages. Multiple data sources The product supports a number of the known user data sources that are used today, e.g. Active Directory, Microsoft Entra ID and Google. When the password needs to be updated, the product can also write to several data sources at the same time. Complex password policy Technical specifications Password Reset from Fortified ID is designed with architecture that uses modern ways to install. This also creates new conditions for monitoring and analysis of how the system is doing and how it performs. Password reset methods BankID EFOS SITHS eID Skolfederation Passkey Suomi.fi Freja OrgID SAML Broker NetID OTP Azure ID-porten Freja eID Plus X.509 Certificate SITHS SWAMID Google FIN eID smart card eIDAS Svenska pass Sambi Telia eID ADFS Common smart card Functions Self-service Complexity control Custom branding Several data sources Monitoring Several data sources Delegated password reset SIEM ready Installation Docker Linux GCP Windows Azure AWS Integrations Google Azure VMware Remote desktop Cambio Oracle Citrix Skolfederation Exchange Wordpress IST Sambi ServiceNow Office 365 Tieto Education Visma Zoom TDialog AWS Dropbox Box Aweria Nginx Apache Contact us First name* Surname* E-mail* Phone Message Send

Videos Lösenordspolicys för olika typer av användare Verifiera användare med personnummer Verifiera användare med sök DEMO: Delegerad administration för en butikskedja (Jysta) Patientjournaler i svenska ambulanser Fortified ID Attest Demo - create custom "Request-Approve" workflows Integrity - Enrollment Introduction Control - Automate - Introduction Microsoft Entra External eID login (SAML) Microsoft Entra External eID login (OIDC) Forms Demo - Delegated administration Forms - Demo external workforce Forms - Introduction Management Center - Configuration Management Center - Management Freja orgID onboarding Freja orgID offboarding Integrity - Application Portal Fortified ID Integrity - Enrollment Fortified ID Password Reset DEMO: Fortified ID Password Reset Demo: Fortified ID Password Reset Externa konton del 1 av 7 - Översikt och introduktion Externa konton del 2 av 7 - SKAPA - SJÄLVREGISTRERING Externa konton del 3 av 7 - ÄNDRA - DELEGERAD ADMINISTRATION

In order for a user to be able to use strong authentication, it is preceded by an activation/registration for the user. With Fortified ID Enrollment, a user can do this easily on their own or designated administrators can do this for the user. For example, a support technician can prepare a mobile phone so that it both has the app (e.g. Microsoft Authenticator) installed but also is tied to the user's account. > Our Solutions > Secure Login > Confirm user > Confirm Confirm is a complete solution for secure identity verification when users call a helpdesk or support organization. The product is available in two variants, both of which protect against social engineering, identity fraud and incorrect access in sensitive cases. Why Confirm is needed Prevents unauthorized access and reduces the risk of data leaks Protects against social engineering and role hijacking Ensures proper case management in sensitive support situations Builds trust through transparency and strong authentication Makes verification fast, easy, and integrated into the helpdesk flow Overview Get started eID as a secure verification method in Confirm Confirm includes a dedicated flow for reverse eID verification, developed to ensure that the caller is indeed the individual stated. Below is an example with mobile BankID. 1. Support initiates the verification The employee enters the user's social security number and a verification text to be displayed in the BankID app. The system then sends a BankID request to the correct person. 2. Information and consent The user is informed that a verification is being initiated and that certain personal information is being shared for the purpose of establishing identity. Consent is required to continue. 3. Authentication in BankID The person receives a notification in their BankID app, reads the verification text and signs to confirm their identity. 4. Automatic validation in the system After signing, support receives immediate notification that the person has been authenticated with a valid BankID, along with relevant account data for the case. 5. Proof of possession To verify that the same individual is on the phone, the user can read out the verification text from their BankID app — a simple but effective proof of possession. 6. Secure and correct case handling Once the identity is confirmed, support can continue handling without the risk of confusion or fraud attempts. Confirm via verification code Confirm also offers a verification flow with a time-limited one-time code, designed to ensure that the caller is indeed the same individual who is logged into the service. 1. Login The user logs into the service with their username, password or e-ID. 2. Information and consent The service informs the user that personal information will be shared with support in order to enable identification and correct case management. The user must actively approve this before the function can be used. 3. Initiation of verification When contact with support is needed, the user selects the option "Verify me". The system then packages the relevant login data as well as any supplementary information from the customer's own system, such as customer number, case ID or user profile. The information is temporarily stored for use during validation. 4. Generation of verification code The system creates a unique and time-limited code that is displayed to the user on the screen. 5. Code Sharing The user reads the code to the support person on the phone. 6. Code Validation The support person enters the code into their system. Confirm checks that the code is valid, links it to the previously packaged login and customer data, and confirms that the person on the phone is the same logged-in user. 7. Confirmed Identity Once the verification is approved, support can continue the case in a secure and correct manner, with access to the information needed to help the user. Confirm offers either one-time code verification or reverse eID verification with BankID, allowing organizations to choose the method that best suits their processes and user groups. Both variants are based on clear consent, a strong connection between Confirm BankID eIDAS EFOS Certificate Skolfederation Svenska Pass Sweden Connect Sambi SITHS eID Passkey Authenticator eduID Telia Freja eID Freja orgID ID Porten Suomi.fi Authenticator OTP FIDO ADFS Popular Secure MFA Methods Our solutions are based on a module-based architecture, which enables a wide range of advantages for automation, monitoring and efficient management. We know these qualities are central abilities both for operations managers and DevOps. This makes it easier to have control over IT environments and, by extension, your digital identities with cost efficiency.

Documentation Fortified ID delivers products that are tailored for dev ops. They can be installed on-premises, hybrid or in the cloud. They can also be purchased as a service through our partners. Contact us at support@fortifiedid.se to access the download area. Integrity - Secure login Access 3.6.0 Enrollment 3.1.0 Portal 3.1.1 Radius 3.1.0 Access 3.6.0 Enrollment 3.1.0 Portal 3.1.1 Radius 3.1.0 Control - Identity Management Control 1.0.1 Password Reset 3.1.1 Control 1.0.1 Password Reset 3.1.1 Common components Management Center 2.0 Modules Valves Management Center 2.0 Modules Valves Solutions Integrations Use cases Integrations Use cases Menu Close Secure login & single sign on Latest Release: - Access 3.7.1 2026 - 06 - 01 Read release notes Latest Release: - Portal 3.1.1 2025 - 05 - 02 Read release notes Latest Release: - Enrollment 3.1.0 2025 - 03 - 31 Read release notes Latest Release: - Radius 3.1.0 2025 - 03 - 31 Read release notes Identity Management (IAM/IGA) Latest Release: - Control 1.1.0 2026 - 06 - 01 Read release notes Latest Release: - Password Reset 3.1.1 2026 - 02 - 13 Read release notes Common components Latest Release: - Management Center 2.1.0 2026 - 06 - 01 Read release notes Latest Release: - Valves 2025.77 Read release notes Modules Read release notes Solutions Integrations Read release notes Solutions Read release notes

Solutions We are experts in identity management and help your organization set up an authentication solution that works for the entire business, whether the users are employees/consultants or citizens/partners/retailers. With our long experience in integrating with a wide range of applications and systems, you can focus on your core business instead of authentication, authorization and access. Non-human identities Fortified ID supports key parts of a non-human identity strategy across both Access and Control, although not in the same cloud-native model as platforms such as Microsoft Entra managed identities. In Access, non-human identities can be handled through standards-based authentication and authorization for applications, APIs and service-to-service communication, using mechanisms such as OAuth 2.0, OpenID Connect and certificate-based trust. Access can therefore act as the authentication and trust layer for workloads, applications and other machine identities, even though it is not tied to a proprietary resource platform in the way managed identities are tied to Azure resources. In Control, non-human identities can be governed in the same overall identity lifecycle model as human identities, with ownership, provisioning, delegated administration, approvals, auditability and access reviews. This makes it possible to manage service accounts, bots and AI agents as first-class identities rather than as hidden technical accounts. A practical example is a personal AI agent assisting a case worker in Control. Such an agent should be treated as a separate non-human identity linked to a named user, with its own credentials, tightly scoped permissions, clear delegation rules and full audit logging. This preserves accountability while enabling automation. PKI certificates are a strong fit for authenticating machine identities at runtime, while verifiable credentials can complement this by carrying portable, cryptographically verifiable claims about an application, system or agent across organizational boundaries. In short, Access provides the authentication and trust layer for non-human identities, while Control provides the governance and lifecycle management layer. Komplement MIM Fortified ID Control can be used as a complement to MIM. Fortified ID Control offers a modern interface with configurable flows that can be adapted to the specific needs of the organization. With Fortified ID Control, organizations can implement self-service, delegated administration and password reset flows Book a meeting Read more Fortified ID modernizes IAM for organizations by adding an API gateway. This creates conditions for supporting organizations in several scenarios. Integrity's API gateway can: act as a bridge for data exchange and data formatting, Cloud-to-cloud and cloud-to-native. e.g. enrichment of Custom Claims Provider in Azure act as backend support in a variety of applications, e.g. identity administration, outsourced configuration, self-registration, account sync, merge and enrich data from many different information sources. support ADFS MFA providers from Fortified ID. Can be run on-premise or in cloud (for example, for service delivery to multiple customers) Previously, Integrity from Fortified ID can solve strong authentication, single sign-on and an application portal. Of course, adapted for modern (DevOps) operation with option for container delivery, monitoring and traceability. API gateway IdP Broker / Proxy The number of Identity Providers (IdP's) continues to increase and there is a large variation in what types of use cases that these can implement. In addition to delivering a full-scale IdP, Fortified ID Integrity can act as a broker/proxy and thereby deliver functionality and meet requirements that existing solutions cannot meet for various reasons. Do you have an IdP that cannot be connected to a certain federation due to connection rules? Fortified ID Integrity is compatible with many federations such as Sweden Connect, Skolfederation, SAMBI, SWAMID, eIDAS. Fortified ID offers two options: You replace your existing IdP with Fortified ID Integrity that meets all connection requirements. You keep your existing IdP but let Fortified ID Integrity act as Proxy/Broker. which becomes an intermediary between your existing IdP and your federations, in a way that you can easily fulfill all connection requirements. Application Identity Gateway Fortified ID Application Identity Gateway adds an identity layer to your application or service without you having to program functionality yourself. This solution increases security by adding e-credentials, which ensures that access to your services is both safe and reliable. In addition, the traceability of accounts and permissions is improved, enabling better tracking and auditing of user activities in accordance with regulatory compliance for NIS, GDPR, etc. Book a meeting PDF ADFS adapter With the Fortified ID ADFS adapter, any MFA method or e-legitiomation can be added as an authentication method to ADFS. The solution is very cost-effective because the systems within the organization that are already connected to ADFS do not need to change anything! The graphical interface, the one that meets users, is fully customizable to be able to align with the organization's graphical profile. It is possible to turn off/on the requirement for MFA or eID authentication for a user based on a number of criteria, for example which system the user is about to log into, if the user is in the office or from home, if the user is connecting from a trusted unit etc Read More

Municipalities face challenges with identity management, secure login and access control. We help municipalities create a modern, secure and user-friendly IAM platform that supports both employees and citizens, without compromising control or security. > Integrations > Verticals > Municipalities > Secure identity and login for Municipalities Flexible municipal IdP Modern and controllable IAM for the public sector Swedish provider, vast municipal experience Municipalities face challenges with identity management, secure login and access control. We help municipalities create a modern, secure and user-friendly IAM platform. Reduce licensing, operational and management costs by consolidating authentication and identity services into ONE common solution. Deep understanding of the municipality's IAM challenges Municipalities operate in a digital reality where both internal and external users need access to many different systems and e-services. Employees, consultants, students, guardians and citizens have different needs for authentication, authorization and access. In addition, digital welfare services often require integration with both national e-identifications and internal directories. Fortified ID has extensive experience in helping municipalities create a coherent and secure identity architecture that solves these challenges. We start from the municipality's existing IT environment, map target groups and use cases, and design solutions for strong authentication, Single Sign-On, password reset that strengthen both security and user experience, without creating unnecessary complexity for operations and management. Life after MIM Municipality - PDF (SWE) Strong, flexible and secure authentication for all users To meet the needs of both businesses and citizens, authentication methods are required that are both secure and easy to use. Fortified ID helps municipalities offer well-adapted authentication flows based on user group and service. With support for e-identifications such as BankID, Freja eID, SITHS and other modern methods, the municipality can offer secure login for everything from intranets, e-services, school platforms and welfare applications. IAM / School DNP PDF Entra ID Single Sign-On and correct authorization for the entire municipality After secure authentication, users should not have to log in multiple times during the same workflow or case management. With Fortified ID, municipalities can implement Single Sign-On (SSO) that works across both modern and legacy systems. We support standards such as SAML, OpenID Connect, ADFS and more to create seamless authentication flows. In addition to SSO, we help secure attribute management, roles and authorization decisions, so that the right user gets the right access based on service, responsibility and need. This is especially important in municipal operations where the same person can have different roles (e.g. teacher, parent, citizen) in different contexts. We also support ID mapping and ticket translation, so that the right information is delivered to each application. Authorization control can be customized both locally and centrally, including management of employee assignments, which is crucial when an identity acts in different roles in healthcare. Read more - Integrity ADFS Integration, management and long-term sustainability Fortified ID solutions are built to work with your municipality's existing infrastructure, whether you use on-premises directories, cloud-based services, or a hybrid model. We help integrate both internal systems and external services, creating an identity platform that is easier to manage and evolve over time. By working with standards, open protocols, and a clearly documented architecture, you reduce dependencies, simplify the transition between technology generations, and build a platform that stands the test of time. With Fortified ID as your partner, you not only get technical implementation, but also strategic advice to ensure that your IAM solution supports both today's and tomorrow's needs. Book a meeting Management Center ONE common identity platform, low TCO Many municipalities today use multiple parallel solutions for authentication, federation, e-identification and identity management. This often leads to higher licensing costs, more complex management and more dependencies between different providers. With Fortified ID's IdP, the municipality can gather these functions into a common platform for identity and access. By consolidating multiple services into one solution, both operational costs and technical complexity are reduced while giving you better control over the identity environment. With Fortified ID's identity platform, the municipality can: • Consolidate authentication and identity services into a common solution • Reduce licensing, operational and management costs • Gain better control over identities, access and secure login Read more - Integrity ADFS Partners

Management Center är en självständig tjänst från Fortified ID som möjliggör enkel installation, uppgradering, konfiguration och övervakning av samtliga Fortified ID-produkter. > Our Solutions > Management Center > Management Center is an independent service from Fortified ID that provides easy installation, upgrade, configuration and monitoring of all Fortified ID products. Overview Screen dumps Get started All communication with underlying products is done via standards-based APIs, which provides several benefits: Small footprint – The products are delivered without configuration UI, configuration is done via Management Center. Independent updates – Management Center can be updated without affecting the underlying products. Optimized performance – Underlying products remain focused on their core tasks without unnecessary administrative overhead. Centralized administration – Management Center handles all Fortified ID products, providing a consistent user experience. Versioned configuration – With 'snapshot' functionality, configurations can be easily version-controlled. Flexible availability – The Management Center can be disabled without affecting the underlying products. With Management Center you get a clear overview and easy management of an installed product. Monitoring Log management Upgrades Management The Management Center provides a clear overview and makes it easy to change an existing configuration. With snapshot support, configuration versions can be easily managed. All products have a unified interface that makes it easy to manage the different products from Fortified ID. Configuration Platform Fortified ID Management Center is available on multiple platforms. Windows, Linux, or Container (Docker) Amazon Web Services (AWS), Microsoft Azure, Google Cloud Platform (GCP) As a service through our partners. Contact us for more information. Contact us Contact us at info@fortifiedid.se or fill out our web form here: Contact us

Signing Signing from Fortified ID is a secure and robust solution for signing data electronically. Signing from Fortified ID meets the organization's need to apply legally binding signatures in a fast, secure and efficient way. With Signing, users can sign documents electronically through e-identifications such as BankID or Freja eID, which ensures both reliability and simplicity in the signing process. Book meeting A stand-alone signature service is a central sub-component of Fortified ID Signing. Here, e-identification is used as a tool for the user to be able to securely express his intention to sign a specific document or transaction. When the user initiates the signing process, the actual creation of the e-signature takes place within the stand-alone signature service, ensuring that the signing process is separate from the original application that the user interacts with. Use cases Standards such as XAdES, PAdES and SAML are used to ensure compatibility with different systems and legal requirements. By adhering to these established standards, the application can be integrated with a wide range of e-ID solutions and service providers, enabling users to sign documents and transactions in a secure and legally binding manner, regardless of the e-ID they use. Built on standards Book meeting Popular use cases with Fortified ID's customers are to use the organization's CA for: electronic signatures of PDF documents and transactions activation of certificate-based mobile apps certificate-based login with smart cards or yubikeys (FIDO2) activation of certificates for protection of devices activation of certificates to link an identity to a device (BYOD) Fortified ID ADCS Rest extension gives organizations the ability to: issuance of certificates in real time simple and smooth connection of the product to existing solution expand the number of services that can use the certificates Use cases Contact us First name* Surname* E-mail* Phone Message Send Centralized signature hub Signing from Fortified ID acts as a central signature hub for the organization, facilitating the integration, tracking and administration of electronic signatures. The solution can be implemented on-premise, in the cloud or as a hybrid solution, which provides flexibility in use and operation. Each service integrated with Sign can be customized with unique settings, such as which signature methods should be available to users.

Contact us First name* Surname* E-mail* Phone Message Send Read more Signing from Fortified ID meets the organization's need to apply legally binding signatures in a fast, secure and efficient manner. Read more APPLICATIONS: Access (MFA / SSO) Portal Enrollment Radius Handle all types of secure login including MFA and eID. Single sign-on portal with an agile IdP that can handle SAML, OIDC and ADFS. Control from Fortified ID is a solution that focuses on the secure and efficient management of digital identities and their permissions. The solution helps to simplify and automate processes for managing user permissions, role-based access, group memberships, onboarding/offboarding, and more. Read more APPLICATIONS: Forms Automate Attest Password reset Fortified ID ADCS REST Extensions enable organizations using Microsoft Active Directory Certificate Services to get more value from their existing certificate infrastructure. Read more Management Center is an independent service from Fortified ID that enables easy installation, upgrade, configuration and monitoring of all Fortified ID products. Read more Energy company Fortified ID protects a Swedish energy company's login for both internal and external users. Customers can securely authenticate to my pages with Bank ID and employees can choose from several different MFA methods. Read Use Case Energy company Fortified ID protects a Swedish energy company's login for both internal and external users. Customers can securely authenticate to my pages with Bank ID and employees can choose from several different MFA methods. Read Use Case Energy company Fortified ID protects a Swedish energy company's login for both internal and external users. Customers can securely authenticate to my pages with Bank ID and employees can choose from several different MFA methods. Read Use Case Finance company ...använder Fortified ID för att låta sina kunder ansluta säkert med BankID. Explore Swedish Healthcare Swedish Region uses solutions from Fortified ID to resolve SITHS as a secure login method against ADFS. The solution integrates with existing infrastructure and complements where existing solutions are not sufficient. Read use case

Management of external accounts In an organization there are different types of accounts that need to be managed in different ways depending on their purpose and use. This page describes the management of external accounts that require access to internal resources. These accounts are often referred to as short-term workers, contractors, partners or GIG workers. Book meeting Lifecyclemanagement Movies Different types of accounts Workforce Identity (IAM) Workforce Identity refers to accounts used by people who need to access resources within the organization. These are divided into: Internal (permanent employees) Refers to permanent employment within the organization. Management of these accounts is often automated through provisioning and synchronization from HR systems to streamline the process. External (short-term workers, contractors, partners or GIG workers.) Refers to temporary accounts for people who need access to the organization's internal resources. A challenge many organizations have is where these accounts should be located. Customer Identity (CIAM) Customer Identity refers to accounts for external customers or citizens. They have no need to access internal systems. These users may use external authentication solutions, such as social accounts such as Google, Microsoft or Facebook, for login. To read more about CIAM Lifecycle management of external accounts 1. Create 2. Manage/change 3. Authentication (AuthN) 4. Authorization (AuthZ) 5. End/deactivate/extend Login for external accounts Once an external account has been created, the user must be able to authenticate to access the organization's resources. Our products support a variety of login methods, allowing you to customize authentication to your organization's needs and security requirements. BankID, Freja, Foreign eID: User-friendly and secure solutions for authentication. One-Time Password generated via apps such as Microsoft Authenticator, Google Authenticator or similar. Username + OTP SMS and email (SMTP) for easy OTP delivery. YubiKey and other hardware-based security keys. Certificates for advanced security in specific environments. Passkey, FIDO, smart cards for modern and secure authentication solutions. Federation to use existing authentication solution in the organization, or use authentication solution in the external user's organization Alternative methods E-ID Manage/change external account This process, also known as mover or crossboarding, involves making changes and updates to existing external accounts. For example, it could involve adding information, updating contact details, or changing permissions for an account. Our products offer multiple ways to handle these needs depending on the scenario and division of responsibilities. Methods for managing and modifying external accounts Allow the user to update certain parts of their account information themselves through a user-friendly portal. Examples of what the user can change: Update contact information, such as email address or mobile number. Request access to specific resources or applications. Give responsible people in your organization the right to manage external accounts for which they are responsible. Example scenario: Account managers can change account information, assign new roles, or update permissions. A line employee can manage accounts associated with their department or project. Externally responsible accounts can manage accounts for their subordinates or teams. Certification: Annual confirmation process where account managers verify that the external accounts they are responsible for are still current and accurate. 2. Delegated administration Automate the process to ensure account information is up-to-date and accounts are managed efficiently. Examples of automated solutions: Synchronization with external systems to automatically update account data. Automated notifications to account managers when an account is close to being deactivated, providing the opportunity to extend the validity period. 3. Automation 1. Self-registration Let external users sign in with their own accounts from their organization via federation. Updated credentials or account information is sent in the federation ticket and the receiving organization updates account data accordingly. Summary Efficiently manage and modify external accounts through a combination of self-administration, delegated administration, and automation. This ensures that account information is always up-to-date and that external accounts are managed in a secure and structured manner. 4. Federation Create external account The process of creating external accounts, also known as onboarding or joining, can vary depending on the needs and technical capabilities of the organization. Ideally, the process should be automated, but some form of manual handling is often required. It is important that the responsible person in the organization who manages external accounts, such as a consultant or summer worker, can verify that the person is who they claim to be. Our products offer several solutions to meet these needs depending on the scenario. Methods for creating external accounts Use self-registration to allow external users to create their own accounts using a verification method, such as e-ID. Example scenario: A prospective consultant receives a link to a registration page. The consultant authenticates with e-ID to confirm their identity. The consultant fills in and verifies their email address and mobile number. An email is sent with login details, or the consultant can directly access a portal with their applications. A notification is sent to the person responsible in the organization that the account has been created. Possibility of an approval process before the account is activated. Let internal administrators handle the creation of external accounts through a delegated process. Example scenario: An employee, for example from the finance department, requests that a consultant account be created. The finance person completes the consultant registration page. An optional approval process can be implemented, where one or more people review and approve the creation of the account. 2. Delegated administration If external accounts already exist in a data source, such as Entra, Google, or a text file, our products can automatically import and create accounts in the system the organization uses. 3. Automation 1. Self-registration Allow external users to log in with their own accounts from their organization via federation. Example scenario: A partner organization establishes a federation with your organization. The partner's users log in with their existing account credentials and gain access to specific resources. Other Set a default length for how long external accounts should be active before they are deactivated. Notify the administrator if an account is about to expire, and allow for the option to extend. 4. Federation Permission control for external accounts After authentication, the user needs the right permissions to work in the assigned systems. Our products offer support for: Assign systems and applications: Specify which resources the user should have access to. Application rights management: Define the user’s level of access within each application. Self-administration for access requests: Let the user request access to resources, which may require approval from an account manager. Role-based access: Assign a role that automatically grants the user access to predefined resources and permissions. Terminate, deactivate, and extend external accounts When an external account is no longer needed – for example, when a consulting assignment has ended – the account should be deactivated or deleted. In some cases, the account may need to be extended if the collaboration continues. Support for deactivation and extension Set end date upon creation: A deactivation date can be defined right from the account creation. Notifications to account owners: The account owner is informed of the status and can deactivate or extend the account if necessary. For example, when 30 days remain before the account is deactivated, an automatic notification is sent to the person responsible, who can choose to extend the account. Account extension If a master data system is connected, its rules can control the account lifecycle, including deactivation and deletion. Integration with customer data source Automated deactivation processes Upon deactivation, all permissions may be automatically removed from the account. The account may be moved to a dedicated inactive account location for secure management and archiving. Inactive account management Mer att tänka på Register Just as with employees, who are often initially registered in an HR system and then automatically provisioned to different systems, external accounts also need a register where they are first placed. Unlike internal accounts, however, it is unusual for this to happen in the organization's HR system. To choose a register for external accounts, priority should be given to a solution that is both cost-effective and where the organization has relevant expertise. Examples of registers: LDAP: If the organization already works with LDAP, ADLDS may be a natural choice. SQL: If SQL is an established solution internally, it may be appropriate to choose. Cloud services: For organizations with experience with services such as Entra or Google, these options are preferred. Our products can be integrated with all of these technologies, making it possible to choose the one that best suits your needs and skills. Account owners and notifications Each account created is linked to a responsible owner. Notifications can be automated to notify the owner when an account is being deactivated. The owner can easily extend the validity of the account if necessary. Certification Automated certification processes where the account owner receives an annual reminder via email to confirm that the account should still be active and belong to them. Contact us First name* Surname* E-mail* Phone Message Send

Med Integrity från Fortified ID skapar vi nya möjligheter för din organisation att hantera alla typer av inloggning, behörighetsstyrning samt single sign-on. Strong authentication & authorization control With Integrity from Fortified ID, we create new capability for your organization to manage all types of login, authorization control and single sign-on. Good user-experience must include both authentication and authorization. Our idea is to achieve safe identities for organization while making it easy for their users and the administrators. Methods Architecture Single Sign-On Simplify login for your users with Single Sign-On (SSO) while maintaining secure access to applications and data. Fortified ID has extensive experience in integration of applications and services to a central point of entry. Integrations are made via SAML, OpenID Connect, Radius or via our own API. The solution also enables: ID mapping. A user is called jdoe in one application but john. doe@fortified.se in another, we handle that type of mapping with abilities in Integrity. Ticket translation. Your organization has end-user applications that support e.g. OpenID Connect at the same time you want to give them access with e.g. a SAML federation. Here a translation will have to take place between the technicians, we solve that with Integrity. Single Sign-On Application portal Portal is a web-based application that contains all the applications that have been assigned to you. The purpose is that you should not have to remember addresses for the various applications you use in your everyday life. For example, if you have newly hired employees or contractors, you can easily give them a place to go (Fortified ID Portal) to find all the applications assigned to them. Fortified ID Portal supports Single Sign-On (SSO) for the published apps. The advantage of SSO is that after logging into the Fortified ID Portal, the user is automatically logged into the application they click on. Support is also available to add extended login if an app requires higher security than Portal. Look and feel of the portal can be easily adapted to the organization's preferences regarding colors, logo and language. The solution is made to run on the web as well as on mobile devices. See Movie With Fortified ID Enrollment, you can easily provide strong authentication for your users. There are different ways to provide your users with strong authentication, such as Passkeys, YubiKeys, generate one-time passwords (OTP/MFA) with mobile app or certificate-based login. In order for a user to be able to receive strong authentication, their account must be mapped to one of the methods above. This is called enrollment or registration. With Fortified ID Enrollment, a user can do this easily on their own or designated users can do this for other users. For example. can a support technician prepare a mobile so that it both has the app (e.g. Microsoft Authenticator) installed but also linked to the user's account. Enrollment API gateway Fortified ID modernizes IAM for organizations by adding an API gateway. This creates conditions for supporting organizations in several scenarios. Integrity's API gateway can: act as a bridge for data exchange and data formatting, Cloud-to-cloud and cloud-to-native. e.g. enrichment of Custom Claims Provider in Azure act as backend support in a variety of applications, e.g. identity administration, outsourced configuration, self-registration, account sync, merge and enrich data from many different information sources. support ADFS MFA providers from Fortified ID. Can be run on-premise or in cloud (for example, for service delivery to multiple customers) Previously, Integrity from Fortified ID can solve strong authentication, single sign-on and an application portal. Of course, adapted for modern (DevOps) operation with option for container delivery, monitoring and traceability. IdP Broker / Proxy The number of Identity Providers (IdP's) continues to increase and there is a large variation in what types of use cases that these can implement. In addition to delivering a full-scale IdP, Fortified ID Integrity can act as a broker/proxy and thereby deliver functionality and meet requirements that existing solutions cannot meet for various reasons. Do you have an IdP that cannot be connected to a certain federation due to connection rules? Fortified ID Integrity is compatible with many federations such as Sweden Connect, Skolfederation, SAMBI, SWAMID, eIDAS. Fortified ID offers two options: You replace your existing IdP with Fortified ID Integrity that meets all connection requirements. You keep your existing IdP but let Fortified ID Integrity act as Proxy/Broker. which becomes an intermediary between your existing IdP and your federations, in a way that you can easily fulfill all connection requirements. The threat landscape is constantly changing, which places new types of demands on a modern authentication solution with streamlined and cost-effective administration. With this rapidly changing reality, software needs to be kept up-to-date with more frequency than in the past to ensure reliability. With automated installation and upgrading, the system can be kept up to date with minimal downtime. The solution can be installed locally, in the cloud or as a hybrid solution. The ability to easily move the solution between test and production environments has been made extremely easy. Read more about automation in our technical documentation. Möjligheten att enkelt flytta lösningen mellan test och produktionsmiljöer har gjorts extremt enkel. Läs mer om automation i vår tekniska dokumentation. Automation Tech spec Integrity is designed with architecture that uses modern ways to install and upgrade the product. This also creates new possibilities for monitoring and analyzing how all parts of the system performs. Read more in our technical documentation. Download PDF Authentication methods BankID EFOS SITHS eID Skolfederation Passkey Suomi.fi Freja OrgID SAML Broker NetID OTP Azure ID-porten Freja eID Plus X.509 Certificate SITHS SWAMID Google FIN eID smart card eIDAS Svenska pass Sambi Telia eID ADFS Common smart card Monitoring Fortified ID's solutions are designed to offer real-time monitoring of how system resources are performing. This can apply to everything from individual secure methods or connections to applications or databases. Real-time monitoring provides good overview and creates the foundation for informed decisions. Read more about monitoring in our technical documentation. Logging Integrity from Fortified ID is also delivered with structured logging 􏰂CEF􏰃 intended to easily feed a SIEM system. Logging & analysis can be tailoried, whether they include reporting on who did what and when or as a basis for usage/invoicing. Monitoring & Logging Fortified ID Mobile Fortified ID Mobile is a free app that lets you log in without having to use a password – you can instead scan a QR code, use your fingerprint, face recognition or a PIN code. Fortified ID Mobile can be used in three ways: as a way to securely authenticate you if you have forgotten your password. See Fortified ID Password Reset for forgotten password. as a login method every time, with a one-time code to increase the security of your account. This is called two-step verification or multi-factor authentication. See Fortified ID Access for login and authorization management. as the only login method, where you only need to scan a QR code or approve the login via a button press on your phone. This is called passwordless login. Next gen software delivery Our solutions are based on a module-based architecture, which enables a wide range of advantages for automation, monitoring and efficient management. We know these qualities are central abilities both for operations managers and DevOps. This makes it easier to have control over IT environments and, by extension, your digital identities with cost efficiency. Tech spec ACCESS API RADIUS Strong authentication SAML OIDC ADFS CUSTOM OATH Single Sign-On Container Monitoring Automation Rapid deployment SIEM ready Configuration as code Standards SAML 2.0 OAUTH ADFS Sambi Open ID Connect FIDO2 Fortified ID API Sweden Connect Functions Container Monitoring Custom branding Redundancy HTTP/2 Asynchronous WCAG / accessibility Sweden Connect (LOA 4) Rolling upgrades Rapid deployment Custom UI HSM Shared sessions SIEM ready Configuration as code Installation Docker Linux GCP Windows Azure AWS Integrations Google Azure VMware Remote desktop Cambio Oracle Oracle Citrix Skolfederation Exchange Wordpress IST Sambi Sambi ServiceNow Office 365 Tieto Education Visma Zoom TDialog TDialog AWS Dropbox Box Aweria Nginx Apache Apache Contact us First name* Surname* E-mail* Phone Message Send Sambi Sweden Connect OTP Skolfederation Authenticator Certificate Passkey EFOS SITHS eID eIDAS Freja BankID Our solutions are based on a module-based architecture, which enables a wide range of advantages for automation, monitoring and efficient management. We know these qualities are central abilities both for operations managers and DevOps. This makes it easier to have control over IT environments and, by extension, your digital identities with cost efficiency. Popular Secure MFA Methods Government Healthcare Municipalities Private org With Fortified ID RADIUS server, you can easily provide strong authentication and authorization for remote users to access your network. It receives authentication requests from RADIUS clients, such as routers, firewalls, or VPNs, verifies the user's credentials, and returns an authorization decision to the client. Radius

Fortified ID Integrity solves the challenges of Digital National Exams Digital National Examination (DNP) This page describes how Fortified ID Integrity can be used to meet the requirements for authentication against the Digital National Exam (DNP), via the School Federation. Many of the principals today use Microsoft Entra, Microsoft ADFS or Google as IdP. The challenge with these IdPs is that they do not support Swedish methods that may be required for a service! DNP Guide Book a meeting Read PDF DNP Demo Benefits Supply Support for all DIGG approved LOA2 and LOA3 methods. The school principal can choose which, or which, methods teachers and school staff should be able to choose. Dealer of BankID and Freja eID & OrgID. Flexibility With flexible configuration options, Fortified ID Integrity can both signal trust according to requirements and control when step-up authentication is required, based on incoming information in an authentication request, attributes from existing idp, etc. Fortified ID generates unique eppn for the school's teachers and students, which are stored in the organization's directory (eg AD, Google, Entra). Competence Our experts have extensive experience with federations both at national and international level, login methods and authentication levels. Fortified ID is always there as support to ensure a good and quality delivery. Architecture In the cloud or on-premise. Since the solution does not require communication with user directories, it can be run in the cloud. It is also possible to install it locally, i.e. on-premise. Book a meeting

Med Fortified IDs produkter kan ni effektivt komplettera Microsoft Entra och ta identitetshanteringen till nästa nivå. Våra lösningar är särskilt utformade för att möta kraven hos moderna IT-organisationer och erbjuder: • Stöd för e-legitimationer som BankID, Freja, ForeignID och SITHS • Delegerad administration – minska belastningen på IT genom att möjliggöra kontrollerad delegerad- och självservice • Automatiserad hantering av användare och grupper – effektiv onboarding och offboarding > Integrations > Entra ID > Fortified ID's solutions seamlessly extend Microsoft Entra, helping you elevate your identity and access management strategy. Designed for the needs of modern IT organizations, our offerings provide: Support for eIDs such as BankID, Freja, ForeignID, and SITHS – secure and user-friendly authentication Delegated administration – reduce IT workload by enabling controlled delegated and self-service Automated user and group management – streamline onboarding and offboarding with reduced manual effort Read more below to see how Fortified ID can strengthen your Entra ecosystem. Maximize the Value of Microsoft Entra with Fortified ID Authentication Delegated Admin Self-registration As organizations grow in size and complexity, managing users and groups in Microsoft Entra becomes an ongoing task—whether it's updating user attributes or adjusting group memberships. Placing all of this responsibility on IT can quickly lead to bottlenecks and inefficiencies. With Fortified ID, you can delegate these tasks to the individuals who are actually responsible for the users or groups—without compromising security or giving excessive permissions. This approach improves efficiency, enhances control, and reduces the workload on IT. Examples of delegated scenarios: Manage your own groups ("Manage my groups") Extend expiration dates for external consultants under your responsibility Create tailored workflows for different user types Teachers can reset passwords for their students Managers certify their users annually Fortified ID Forms enables you to create web-based forms for managing directory objects—such as users and groups in Microsoft Entra—and assign responsibilities to the right people. The solution leverages Microsoft Graph API to securely read and write data directly in Entra, ensuring compliance and control. Streamline User and Group Management in Microsoft Entra with Fortified ID Forms Microsoft Entra enables centralized authentication and access control for integrated applications. While it offers a range of built-in authentication methods, it lacks native support for several eID solutions that are widely used across Sweden, the Nordics, and the EU. Examples include: BankID (SE) Freja eID (SE) Foreign eID via eIDAS (EU) SITHS and EFOS (SE) Norwegian BankID (NO) ID-porten (NO) Suomi.fi (FI) With Fortified ID Access, you can easily extend Microsoft Entra to support these national eIDs. This allows your Entra-connected applications to offer secure, compliant, and user-friendly authentication options tailored to local and regional requirements. Extend Authentication Capabilities in Microsoft Entra with Fortified ID Access External users—such as consultants, vendors, or partners—often require accounts in Microsoft Entra to access customer environments and perform their work. Manually creating these accounts can be time-consuming for IT and introduces risks if the user's identity is not properly verified. With Fortified ID Forms, you can offer a secure and user-friendly self-registration process, where the user initiates account creation and verifies their identity using a trusted national eID, such as BankID, Freja, or other approved solutions. Example of a Self-Registration Flow: The user visits a designated company webpage and authenticates using their eID. Additional information is collected, such as email address, mobile number, and contact person. Optional data enrichment can be performed—for example, retrieving official address information from tax authorities. Upon account creation, several automated actions can be triggered: An email is sent to the account owner to assign access rights. A welcome email is sent to the user. The user may be automatically signed in to the organization's portal to begin work. This portal can be built using Fortified ID Portal. With Fortified ID Forms, you can tailor the self-registration process to match your organization’s security policies, workflows, and operational needs—while significantly reducing the burden on your IT team. Secure and Controlled Self-Registration for External Users with Fortified ID Forms BankID eIDAS EFOS Certificate Skolfederation Sweden Connect Sweden Connect Sambi SITHS eID Passkey Authenticator OTP Sambi Freja Freja SITHS eID Passkey Authenticator OTP Sambi Sambi Popular Secure MFA Methods Our solutions are based on a module-based architecture, which enables a wide range of advantages for automation, monitoring and efficient management. We know these qualities are central abilities both for operations managers and DevOps. This makes it easier to have control over IT environments and, by extension, your digital identities with cost efficiency.

On / off-boarding of Freja eID / orgID Freja eID / OrgID With Fortified ID's Freja OrgID packaging, you and your organization can easily: Authenticate users with a Freja OrgID Onboarding and offboarding of Freja OrgID. We offer three ways for onboarding: Self-administration, delegated by another user or automated Freja eID / OrgID Supply Support for all DIGG approved LOA2 and LOA3 methods. The school principal can choose which, or which, methods teachers and school staff should be able to choose. Dealer of BankID and Freja eID & OrgID. Flexibility With flexible configuration options, Fortified ID Integrity can both signal trust according to requirements and control when step-up authentication is required, based on incoming information in an authentication request, attributes from existing idp, etc. Fortified ID generates unique eppn for the school's teachers and students, which are stored in the organization's directory (eg AD, Google, Entra). Competence Our experts have extensive experience with federations both at national and international level, login methods and authentication levels. Fortified ID is always there as support to ensure a good and quality delivery. Architecture In the cloud or on-premise. Since the solution does not require communication with user directories, it can be run in the cloud. It is also possible to install it locally, i.e. on-premise. Book a meeting Global Accessibility with Freja Citizens from 167 countries around the world can register in Freja with their biometric passport. This means that both: People who live in Sweden but are not Swedish citizens People who live outside of Sweden can use Freja for secure digital identification. For companies that need to interact with a global target group, Freja is the only e-identification in Sweden that makes this possible – and opens the door to hundreds of millions of potential users worldwide. Book a meeting

News

As the digitalization of healthcare accelerates, it is more important than ever that the solutions we build actually fit in. That is why we at Fortified ID are particularly proud of how our products harmonize with Inera’s reference architecture. The platform offers support that Regions are influenced by current standardized protocols, enabling interoperability, secure authentication, and delegated access. – powered by Fortified ID Move Identity as a Service Med Move Identity as a Service får ni en helhetslösning för säker inloggning, delegerad administration och effektiv identitetshantering – levererad som en skalbar SaaS-tjänst. Tjänsten baseras på Fortified ID:s plattform, och gör det enkelt för ert företag att kombinera hög säkerhet med användarvänlighet, oavsett målgrupp: kunder, supportorganisation eller interna administratörer. Kärnfunktioner Central autentisering (Fortified ID Integrity) En flexibel autentiseringstjänst som stödjer olika metoder och flöden anpassade för respektive användargrupp. Delegerad administration & självservice (Fortified ID Control) Avlasta IT med delegerad administration, självregistrering, provisionering och recertifiering. Single Sign-On (SSO) Tjänsten levererar signle sign-on till kundens andra system och applikationer. Fördelar för er organisation • Säker autentisering med e-legitimationer – stöd för BankID, Feide, ForeignID och ID-porten. • Minskad belastning på IT – tack vare kontrollerad delegering och självservice för slutanvändare. • Automatiserad livscykelhantering – effektiv onboarding och offboarding av användare och grupper utan manuell hantering. Maximera Microsoft Entra ID Move Identity as a Service är utformad för att komplettera och förstärka Microsoft Entra ID. Med våra lösningar tar ni identitetshanteringen till nästa nivå, anpassad för moderna IT-organisationer med höga krav på både säkerhet och enkelhet. Kärnfunktioner Central autentisering (Fortified ID Integrity) En flexibel autentiseringstjänst som stödjer olika metoder och flöden anpassade för respektive användargrupp. Delegerad administration & självservice (Fortified ID Control) Avlasta IT med delegerad administration, självregistrering, provisionering och recertifiering. Single Sign-On (SSO) Tjänsten levererar signle sign-on till kundens andra system och applikationer. Fördelar för er organisation • Säker autentisering med e-legitimationer – stöd för BankID, Feide, ForeignID och ID-porten. • Minskad belastning på IT – tack vare kontrollerad delegering och självservice för slutanvändare. • Automatiserad livscykelhantering – effektiv onboarding och offboarding av användare och grupper utan manuell hantering. Maximera Microsoft Entra ID Move Identity as a Service är utformad för att komplettera och förstärka Microsoft Entra ID. Med våra lösningar tar ni identitetshanteringen till nästa nivå, anpassad för moderna IT-organisationer med höga krav på både säkerhet och enkelhet. Close eID / VC IDombud Close IAM / IGA CONTROL Close IdP / MFA / SSO INTEGRITY Kommun.. ...ger anställda möjlighet att återställa lösenord med Bank ID. Läs användningsfall Myndighet... ...har löst Joiner-Mover-Leaver (JML) för alla sina användare med hjälp av lösningar från Fortified ID. Läs mer om JML Energibolag... ...låter sina kunder att säkert autentisera sig till mina sidor med Bank ID och anställda att välja mellan flera olika MFA metoder. Läs användningsfall Finansbolag... ...använder Fortified ID för att låta sina kunder ansluta säkert med BankID. Läs mer om Integrity Region... ...använder lösningar från Fortified ID för att lösa SITHS som säker inloggningsmetod mot ADFS. Läs Användningsfall Popular Integrations

As the digitalization of healthcare accelerates, it is more important than ever that the solutions we build actually fit in. That is why we at Fortified ID are particularly proud of how our products harmonize with Inera’s reference architecture. The platform offers support that Regions are influenced by current standardized protocols, enabling interoperability, secure authentication, and delegated access. Link between Fortified ID and Inera's technical regulations, collaboration and function Inera Reference Architecture As the digitalization of healthcare accelerates, it is more important than ever that the solutions we build actually fit in. That is why we at Fortified ID are particularly proud of how our products harmonize with Inera’s reference architecture. The platform offers support that Regions are influenced by current standardized protocols, enabling interoperability, secure authentication, and delegated access. By following established frameworks and implementing effective provisioning methods, Fortified ID ensures a unified and reliable identity infrastructure that meets the requirements for both security and flexibility. Fortified ID and Ineras Reference Architecture Link between Fortified ID and the interaction and function of the Reference Architecture Identity Provider (IdP) Fortified ID offers robust IdP services that enable user authentication and the generation of secure identity certificates. The solutions support multiple authentication methods and protocols, ensuring interoperability and ease of use. This includes support for single sign-on (SSO) and authentication context management, which is in line with the requirements of the reference architecture. Certificate Issuance and Brokering Fortified ID’s platform enables the issuance of both identity and access certificates, with support for both front-channel and back-channel communication. Certificates are digitally signed and can be tailored to specific attributes according to the principle of data minimization, which meets the security requirements of the architecture. Identity Data Warehouse Fortified ID provides a consolidated data warehouse solution, following the “identity fabric” pattern, ensuring quality-assured identity information. The solution supports attribute-based authorization evaluation and can integrate data from multiple sources, including HR systems and credential registers, which is central to creating a unified user profile. Provisioning Service By automating the provisioning of identity data, Fortified ID helps organizations manage the identity lifecycle efficiently. The solution supports both push and pull provisioning patterns and is compatible with standard protocols such as SCIM. E-Certificate Issuer Fortified ID is only involved in the issuance of Fortified ID Mobile. In other cases, existing e-credentials, such as SITHS or BankID, are used. The solution meets high trust requirements and offers support for multi-factor authentication. Access Certificate Service Fortified ID issues and manages access certificates that enable fine-tuned access control based on policies and attributes. Access certificates are seamlessly integrated into e-services to meet security and authorization requirements. API Security Service Fortified ID's API security solutions provide system-level authentication and authorization, facilitating secure communication between systems. The solution includes support for tokens and encrypted connections according to modern standards. System Authentication and Authorization The platform enables secure authentication and authorization between systems through standardized protocols and token management. This includes support for delegation and verification of access rights. Delegated access from users Fortified ID implements delegated access solutions, which enable users to transfer access rights securely and efficiently, including across organizational boundaries. This supports multiple interaction patterns such as certificate exchange and re-authentication. Identity and Credential Federation Fortified ID's federation solutions ensure interoperability between different organizations and services through standardized trust frameworks and attribute exchange. They enable efficient collaboration through secure and reliable processes. Governance Service Fortified ID’s rule management is flexible and scalable, enabling you to implement and interpret rules in a machine-readable manner. The services support granular and dynamic access control rules. Access Governance and Compliance Support Services Fortified ID offers comprehensive governance and compliance support services, including logging and reporting to ensure compliance and access is properly regulated. Link between Fortified ID and the Reference Architecture Technical Regulations Technical Protocol and Format Breakdown Fortified ID provides support for modern technical protocols and formats required for authentication, federated login, and delegated access. The platform uses JSON Web Tokens (JWT) and other standardized certificate types, ensuring interoperability and secure management of identity and access data according to the recommendations in the reference architecture. Recommended protocols by capability Fortified ID implements the recommended protocols for federated login, SSO, and delegated access, such as SAML2, OpenID Connect, and OAuth 2.0. This alignment enables interoperability with e-services and supports different technical platforms in parallel. Fortified ID also focuses on providing support for both new and existing protocols, such as SAML2, which facilitates integration with existing systems. Protocols for Federated Login and SSO Fortified ID's solutions implement both OpenID Connect and SAML 2.0 for federated login and SSO. The services support authentication context and secure authentication request management, which follows the specific requirements listed in the reference architecture. The solutions also provide logout management capabilities in a manner that aligns with recommended standards. Delegated Access Protocols Fortified ID uses OAuth 2.0 as the primary protocol for delegated access, including flows such as Authorization Code. This enables secure access management between users and systems, as well as between different systems, addressing the needs highlighted in the architecture. Authentication Protocols Fortified ID solutions support modern authentication protocols, including Mutual-TLS with x.509 certificates and FIDO2. These protocols offer strong security through asymmetric encryption and support for multi-factor authentication, meeting the requirements for robust authentication for both users and systems. Technical Frameworks for Federation Fortified ID follows frameworks such as SAMBI, Sweden Connect, Verifiable credentials and OpenID Connect Federation to ensure interoperability and secure management of metadata between different identity providers and services. This supports trust frameworks and standards for federation, which is a key component of the reference architecture. Technical Frameworks for Provisioning The platform includes support for the SCIM protocol for efficient provisioning of identity data. This ensures that user information can be provided to systems and e-services in a standardized and quality-assured manner, which meets the recommendations in the architecture. PDF Book a meeting

FAQ om Fortified ID – svar om digital identitet, IAM, IdP, e-legitimation, LoA 2–4, SITHS, IGA och digital tillit för offentlig och privat sektor. Frequently asked questions Tjänstelegitimation Company IAM terms Municipality Vad är IDombud eID? IDombud eID är en lösning för digital tjänstelegitimation där organisationer kan utfärda, hantera och återkalla identiteter för medarbetare, konsulter och andra personer i uppdrag. Lösningen är utformad för verksamheter som behöver hög tillit, tydlig livscykelhantering och bättre kontroll över hur identiteten används. Vad är skillnaden mellan IDombud eID och en privat e-legitimation? En privat e-legitimation är kopplad till individen som privatperson. IDombud eID är i stället kopplad till individens roll eller funktion i organisationen. Det gör den mer lämplig för arbetsrelaterad inloggning, åtkomst till interna system och situationer där identiteten behöver styras av verksamhetens regler. Kan vi använda IDombud eID i vår befintliga IT-miljö? Ja. IDombud eID kan användas tillsammans med befintlig identitets- och behörighetsinfrastruktur, till exempel kataloger, federationslösningar och andra inloggningsflöden. Det gör det möjligt att införa tjänstelegitimation utan att behöva byta ut hela den nuvarande miljön. Kan IDombud eID levereras som tjänst eller i egen drift? Ja. IDombud eID kan levereras både som tjänst och för egen drift. Det gör att organisationer kan välja den modell som bäst passar deras krav på kontroll, säkerhet, drift och ansvarsfördelning. För vilka verksamheter passar IDombud eID? IDombud eID passar särskilt bra för organisationer med höga krav på säker identitetsstyrning, till exempel offentlig sektor, vård, samhällskritiska verksamheter och andra reglerade miljöer. Det är också relevant för verksamheter som behöver hantera identiteter för fler än bara anställda, till exempel partners, konsulter eller externa uppdragstagare.

Fortified ID Forms is an application for digitizing process flows. Examples can be creating users (e.g. employees, consultants, partners), editing users or listing "my users" or "my groups". With Forms you get access to a tool to create web-based flows to delegate the administration to the users responsible for certain information in a simple way. > Our Solutions > Identity Management > Automate > Automate Fortified ID Automation provides the ability to extract data from one or more source systems, change or influence that data, and then update one or more target systems. An example application is extracting data from an HR system to identify newly registered users. These user objects can then be processed and automatically provisioned to target systems such as Active Directory, Google Workspace, or Microsoft Entra ID. Automate the management of identities and groups Automate group membership Send authentication requests to the Automate API Overview Use cases Get started HR and Personnel Systems Heroma: Integrated to retrieve personal and employment data from the HR system. SchoolSoft: Used to transfer student and staff data to the identity management system. IST: Mainly used in schools/preschools to fetch student and staff information for identity systems. NETSuite: Integrated to retrieve user and organizational data from the cloud-based ERP system. Directory Services & Identity Sources LDAP: Used to read and manage user data from directory services like Active Directory. LDIF: A standardized text format for importing/exporting directory information, often related to LDAP. OpenDJ: An open-source LDAP-compatible directory commonly used in identity management. Microsoft Entra: Used for managing identities and access within Microsoft’s cloud-based platform. Google: Enables synchronization with Google Workspace for account and group management. SCIM: A standard protocol for automatic provisioning of users between systems. Databases and Generic Data Sources SQL Server: Common integration for reading or writing data directly to a Microsoft SQL database. IBM DB2: Integration with this relational database allows for retrieving user data via SQL. ODBC/JDBC: Generic drivers to connect to various databases regardless of vendor. CSV: A simple file-based integration where user data is imported or exported in plain text format. ITSM and Ticketing Systems BMC Remedy: Integrated to automate ticket handling and create users from support workflows. ServiceNow: Used to automatically create accounts or retrieve user data through the ITSM platform. Web and API-Based Systems RESTGeneric: A flexible integration using REST APIs to communicate with external systems. Salesforce: Used to fetch or update user information in the CRM system. Joomla: Syncs user identities between a content management system and the IAM platform. Sometimes, company admins may want power users, team managers, or even external users to handle administrative tasks for a specific team or a subset of users within the organization. Granting full administrative permissions to these users isn’t the best practice or ideal approach—this is where the Delegated Administration feature comes in. Automate is a back-end service with a configuration UI for adding pipes that you choose whether they should execute on a schedule or via API calls. Automate does not have a UI for end users, if you are looking for such an application, Fortified ID Forms is the one to look at. A pipe consists of one or more valves where a valve is a configurable component for handling data. Mentioned below are source systems and target systems. See the Integration tab for which systems Automate can integrate with. See below for a number of use cases: Delegated Admins are users outside the main it administrators who are given limited administrative privileges to perform specific tasks within a particular area or department of an organization. This approach is common in large companies, as it allows other users to assist with certain activities while providing a degree of autonomy within their department. It also enhances flexibility and boosts efficiency, particularly when managing access within the prganisation. Platform Fortified ID Automate is available on multiple platforms. Windows, Linux, or Container (Docker) Amazon Web Services (AWS), Microsoft Azure, Google Cloud Platform (GCP) As a service through our partners. Contact us for more information. Contact us Contact us at info@fortifiedid.se or fill out our web form here: Contact us BankID eIDAS EFOS Certificate Skolfederation Sweden Connect Sweden Connect Sambi SITHS eID Passkey Authenticator OTP Sambi Freja Freja SITHS eID Passkey Authenticator OTP Sambi Sambi Popular Secure MFA Methods Our solutions are based on a module-based architecture, which enables a wide range of advantages for automation, monitoring and efficient management. We know these qualities are central abilities both for operations managers and DevOps. This makes it easier to have control over IT environments and, by extension, your digital identities with cost efficiency.

28 Maj kl 09:00 IDombud från Fortified ID är utvecklad för organisationer som behöver en integritetsdriven digital identitet som är byggd för att minimera datadelning. IDombud gör det möjligt för användare att bevisa det som krävs utan att exponera mer information än nödvändigt. Lösningen bygger på samma grundprinciper som den europeiska digitala identitetsplånboken och DIGG's ramverk. Se hur IDombud fungerar som en modern tjänstelegitimation, kopplad till individens funktion i organisationen snarare än till privatpersonen. Få en live-demo av hur IDombud kan utfärdas, användas och hanteras på mobil, surfplatta, dator och med passkeys. Upptäck hur stark identifiering kan användas även på delade enheter, med bättre spårbarhet och högre säkerhet i vardagen. Lär dig hur flera tillitsnivåer kan hanteras i samma plattform, så att rätt nivå av säkerhet kan användas för rätt system och rätt situation. Se hur organisationer kan ge medarbetare, konsulter och partners en säker och tillförlitlig digital identitet med stöd för moderna arbetssätt. Välkommen att ta del av insikter och konkreta tips som kan hjälpa er att optimera er organisation. 🗓 Datum: Torsdag 28:e Maj ⏰ Tid: 09:00–09:45 Anmäl dig idag och ta ett viktigt steg mot digital tillit! Anmäl dig här Webinar: Tjänstelegitimation IDombud 28:e Maj - Kl 09 : 00 Er organisations egna e-legitimation, privacy first. Utfärda, hantera, revokera er egna tjänstelegitimation. Dela det som behövs, användarkontrollerad identitet. Snabbt utfärdade med egen ansökningstjänst Lagra eID på mobil, surfplatta eller passkey. Läs mer Anmäl dig här