Why Fortified ID Fortified ID helps municipalities, authorities, regions and private companies with modern IAM. Protect your organization's applications, for employees, citizens, educational activities, e-services, healthcare personnel, etc. Modern & flexible IAM Domain knowledge & experience Direct dialog Modern dev ops infrastructure Native Entra ID support Service focus About us We at Fortified ID have a background as product developers for Nordic Edge, Intel/McAfee and PhenixID. Fortified ID develops modern products for strong authentication and identity management that are designed for the new requirements that our customers face today. Our solutions are built with modern operations in mind, a solution that delivers what those responsible for IT operations demand (Dev-ops). It should be easy to manage, automate, update and monitor our products regardless of size of the implementation. We have long acted as advisors for many large organizations in the areas of strong authentication, identity management and electronic snignature.

Now that Microsoft has decided to phase out MIM (end-of-life), organizations need to plan for the next step. With Control from Fortified ID, the transition can be controlled and gradual. Control can replace both the portal and the synchronization engine, or be introduced in parallel to gradually take over functions. At the same time, new modern flows are enabled, such as self-registration with e-identifications such as BankID and Freja eID. A controlled life after MIM with Fortified ID Control Life after MIM Replace MIM at your own pace Reduce complexity and technical debt Create new opportunities beyond MIM Many organizations use Microsoft Identity Manager (MIM) to synchronize and keep user data up to date between different systems. MIM consists of a portal for control and administration and a synchronization engine for data flows between directories. Over time, many installations have been expanded with customizations and special solutions, which has made the environment complex and difficult to change. Now that Microsoft has decided to phase out MIM (end-of-life), organizations need to plan for the next step. With Control from Fortified ID, the transition can be controlled and gradual. Control can replace both the portal and the synchronization engine, or be introduced in parallel to gradually take over functions. At the same time, new modern flows are enabled, such as self-registration with e-identifications such as BankID and Freja eID. Microsoft has stopped further developing MIM and has announced that MIM will reach "end-of-support" in 2029. Already, many organizations are looking for complements/alternatives to the more vulnerable components of MIM, such as MIM Portal. MIM Portal is based on SharePoint 2019, which in turn reaches "end-of-life" on July 14, 2026 . Control from Fortified ID is a future-proof solution for IAM & IGA, regardless of whether users are stored in Entra ID, AD, SQL, Google, etc. End-of-life Book a meeting Control Demo In many MIM environments, MIM Service and Portal is used as the rules engine for authorization decisions, approval flows, and lifecycle management. These solutions are often tightly coupled with complex workflows and person-dependent customizations. With Control, this control can be moved to a modern service that is built for clarity, traceability, and ease of change. Control brings together decisions about access, roles, and permissions in a central view, making it possible to reduce or completely eliminate the dependency on MIM Service and Portal – without affecting underlying catalogs or sync flows. Move governance from MIM Service and portal to Control Keep MIM Synchronization – but in the right place During a MIM phase-out, it is common for MIM Synchronization to still be needed during a transition period to keep Active Directory and other data sources up to date. With Control, organizations can clearly separate governance from technology, where MIM Synchronization is reduced to just sync – not decision logic. This reduces the risk of errors, simplifies troubleshooting and makes the architecture more understandable. At the same time, better conditions are created to eventually replace synchronization with simpler or more modern solutions, as the business and risk picture allow. A future without MIM – step by step Once governance and decision logic have been moved from MIM Service and Portal to Control, and MIM Synchronization has been limited to a clear technical responsibility, it becomes possible to phase out MIM completely without stress or big bang migration. Control interacts naturally with Fortified ID's other solutions, such as Integrity and Confirm, creating a coherent identity chain from access decisions to verification. The result is a modern identity platform with clear component boundaries, reduced person dependency, and full control over identity and authorization – even long after MIM. Book a meeting Architecture All operations (read, write, update, delete) are performed by Fortified ID Control against its own SQL database. This SQL database is imported into the MIM synchronization engine via a management agent and thus becomes its own connector space. Book a meeting

Smooth integration with BankID to all applications BankID Protect logins to internal resources, my pages, supplier portals or similar with BankID. Issuance of BankID is handled outside the organization BankID is a method most people use privately Requires minimal administration in the organization Standardized integration Fortified ID is a reseller of BankID certificates needed to give users the ability to use BankID as a login method. BankID login available to everyone with Fortified ID From July 2025, new legal requirements on digital accessibility will also apply to the private sector. Is your BankID solution ready? Accessibility is no longer a choice – it is a requirement. With the new law on accessibility to digital services, companies must comply with standards such as WCAG 2.1 level AA and EN 301 549. An important part that is affected is the login flow with BankID, especially when QR codes are used between devices. Common challenges with BankID QR codes For people with; impaired vision, motor disabilities, cognitive difficulties or digital inexperience, the moving QR code in the BankID flow can be difficult to perceive and scan in time. Short display time, unclear placement and lack of assistive technology support create obstacles – and thus accessibility deficiencies. Fortified ID solves the problem We help you: Implement accessible display of BankID's QR code Ensure that your flows comply with WCAG 2.1 level AA Meet the requirements of EN 301 549 Make it easier for all users to identify themselves - regardless of their circumstances We offer compatible components, consulting and technical implementation that allow you to quickly and smoothly meet legal requirements - without compromising user experience or security. Read more on bankid.com Book a meeting BankID for business The MFA methods, BankID, are something many organizations want to use to a greater extent, also for their employees: Many users already have a BankID and know how it works The issuance of BankID is handled by another party. Cost savings. However, many organizations are hesitant to implement it, as many users are unwilling to use their “private” e-Legitimate in the service. Fortified ID's solution “BankID for civil servants” can help you! BankID for Business - PDF (SWE) Book a meeting

Med Fortified IDs produkter kan ni effektivt komplettera Microsoft Entra och ta identitetshanteringen till nästa nivå. Våra lösningar är särskilt utformade för att möta kraven hos moderna IT-organisationer och erbjuder: • Stöd för e-legitimationer som BankID, Freja, ForeignID och SITHS • Delegerad administration – minska belastningen på IT genom att möjliggöra kontrollerad delegerad- och självservice • Automatiserad hantering av användare och grupper – effektiv onboarding och offboarding > Solutions > Entra ID > Fortified ID's solutions seamlessly extend Microsoft Entra, helping you elevate your identity and access management strategy. Designed for the needs of modern IT organizations, our offerings provide: Support for eIDs such as BankID, Freja, ForeignID, and SITHS – secure and user-friendly authentication Delegated administration – reduce IT workload by enabling controlled delegated and self-service Automated user and group management – streamline onboarding and offboarding with reduced manual effort Read more below to see how Fortified ID can strengthen your Entra ecosystem. Maximize the Value of Microsoft Entra with Fortified ID Authentication Delegated Admin Self-registration As organizations grow in size and complexity, managing users and groups in Microsoft Entra becomes an ongoing task—whether it's updating user attributes or adjusting group memberships. Placing all of this responsibility on IT can quickly lead to bottlenecks and inefficiencies. With Fortified ID, you can delegate these tasks to the individuals who are actually responsible for the users or groups—without compromising security or giving excessive permissions. This approach improves efficiency, enhances control, and reduces the workload on IT. Examples of delegated scenarios: Manage your own groups ("Manage my groups") Extend expiration dates for external consultants under your responsibility Create tailored workflows for different user types Teachers can reset passwords for their students Managers certify their users annually Fortified ID Forms enables you to create web-based forms for managing directory objects—such as users and groups in Microsoft Entra—and assign responsibilities to the right people. The solution leverages Microsoft Graph API to securely read and write data directly in Entra, ensuring compliance and control. Streamline User and Group Management in Microsoft Entra with Fortified ID Forms Microsoft Entra enables centralized authentication and access control for integrated applications. While it offers a range of built-in authentication methods, it lacks native support for several eID solutions that are widely used across Sweden, the Nordics, and the EU. Examples include: BankID (SE) Freja eID (SE) Foreign eID via eIDAS (EU) SITHS and EFOS (SE) Norwegian BankID (NO) ID-porten (NO) Suomi.fi (FI) With Fortified ID Access, you can easily extend Microsoft Entra to support these national eIDs. This allows your Entra-connected applications to offer secure, compliant, and user-friendly authentication options tailored to local and regional requirements. Extend Authentication Capabilities in Microsoft Entra with Fortified ID Access External users—such as consultants, vendors, or partners—often require accounts in Microsoft Entra to access customer environments and perform their work. Manually creating these accounts can be time-consuming for IT and introduces risks if the user's identity is not properly verified. With Fortified ID Forms, you can offer a secure and user-friendly self-registration process, where the user initiates account creation and verifies their identity using a trusted national eID, such as BankID, Freja, or other approved solutions. Example of a Self-Registration Flow: The user visits a designated company webpage and authenticates using their eID. Additional information is collected, such as email address, mobile number, and contact person. Optional data enrichment can be performed—for example, retrieving official address information from tax authorities. Upon account creation, several automated actions can be triggered: An email is sent to the account owner to assign access rights. A welcome email is sent to the user. The user may be automatically signed in to the organization's portal to begin work. This portal can be built using Fortified ID Portal. With Fortified ID Forms, you can tailor the self-registration process to match your organization’s security policies, workflows, and operational needs—while significantly reducing the burden on your IT team. Secure and Controlled Self-Registration for External Users with Fortified ID Forms BankID eIDAS EFOS Certificate Skolfederation Sweden Connect Sweden Connect Sambi SITHS eID Passkey Authenticator OTP Sambi Freja Freja SITHS eID Passkey Authenticator OTP Sambi Sambi Popular Secure MFA Methods Our solutions are based on a module-based architecture, which enables a wide range of advantages for automation, monitoring and efficient management. We know these qualities are central abilities both for operations managers and DevOps. This makes it easier to have control over IT environments and, by extension, your digital identities with cost efficiency.

Management Center är en självständig tjänst från Fortified ID som möjliggör enkel installation, uppgradering, konfiguration och övervakning av samtliga Fortified ID-produkter. > Products > Management Center > Management Center is an independent service from Fortified ID that provides easy installation, upgrade, configuration and monitoring of all Fortified ID products. Overview Screen dumps Get started All communication with underlying products is done via standards-based APIs, which provides several benefits: Small footprint – The products are delivered without configuration UI, configuration is done via Management Center. Independent updates – Management Center can be updated without affecting the underlying products. Optimized performance – Underlying products remain focused on their core tasks without unnecessary administrative overhead. Centralized administration – Management Center handles all Fortified ID products, providing a consistent user experience. Versioned configuration – With 'snapshot' functionality, configurations can be easily version-controlled. Flexible availability – The Management Center can be disabled without affecting the underlying products. With Management Center you get a clear overview and easy management of an installed product. Monitoring Log management Upgrades Management The Management Center provides a clear overview and makes it easy to change an existing configuration. With snapshot support, configuration versions can be easily managed. All products have a unified interface that makes it easy to manage the different products from Fortified ID. Configuration Platform Fortified ID Management Center is available on multiple platforms. Windows, Linux, or Container (Docker) Amazon Web Services (AWS), Microsoft Azure, Google Cloud Platform (GCP) As a service through our partners. Contact us for more information. Contact us Contact us at info@fortifiedid.se or fill out our web form here: Contact us

FAQ om Fortified ID – svar om digital identitet, IAM, IdP, e-legitimation, LoA 2–4, SITHS, IGA och digital tillit för offentlig och privat sektor. Frequently asked questions Company IAM terms Municipality Who are Fortified ID? Fortified ID is a Swedish company that delivers digital identity, access and trust solutions to both the public and private sectors. The company helps organizations create secure, trusted and compliant digital services through strong authentication, federated login and identity management. What does Fortified ID do? Fortified ID delivers solutions for digital identity, access and digital trust across the entire identity lifecycle. This means that Fortified ID supports organizations in all phases of the user journey – from identity creation, change and termination. The solutions cover the entire Joiner–Mover–Leaver (JML) process: • Joiner – secure establishment of digital identity when a person joins the organization • Mover – controlled management of changing roles, assignments and permissions • Leaver – secure and traceable termination of access when the assignment ends Thus, Fortified ID helps organizations reduce security risks, meet regulatory requirements and automate identity management in both the public and private sectors. Which organizations does Fortified ID work with? Fortified ID works with a wide range of organizations that need secure digital identity, access and digital trust. This includes: • Municipalities • Regions • Governments • Private companies • Universities • Energy companies • Managed Security Service Providers (MSSPs) that integrate Fortified ID's solutions into their security services Fortified ID's solutions are used both directly by end customers and as part of larger ecosystems, where identity and access are a prerequisite for secure operation and service delivery. Municipalities need to manage multiple user groups with different security requirements. A modern IAM solution should support both strong authentication for staff and flexible e-identifications such as BankID or Freja eID for citizens, in the same architecture. Fortified ID differentiates itself from many other providers by offering flexible and integration-focused solutions that are designed to coexist with the customer's existing IT infrastructure. Instead of requiring extensive replacement of systems, Fortified ID works to connect and strengthen already established environments. The company has a strong customer focus and always starts from the organization's actual needs, conditions and regulations. Through close cooperation with the customer, it is ensured that the solutions are adapted to the business, not the other way around. Fortified ID also has deep expertise in integration and federated identity solutions, including complex environments with multiple identity sources, service providers and security requirements. This makes Fortified ID well suited for organizations that have mixed system environments and that need stable, long-term solutions for identity, access and digital trust.

Signing Signing from Fortified ID is a secure and robust solution for signing data electronically. Signing from Fortified ID meets the organization's need to apply legally binding signatures in a fast, secure and efficient way. With Signing, users can sign documents electronically through e-identifications such as BankID or Freja eID, which ensures both reliability and simplicity in the signing process. Book meeting A stand-alone signature service is a central sub-component of Fortified ID Signing. Here, e-identification is used as a tool for the user to be able to securely express his intention to sign a specific document or transaction. When the user initiates the signing process, the actual creation of the e-signature takes place within the stand-alone signature service, ensuring that the signing process is separate from the original application that the user interacts with. Use cases Standards such as XAdES, PAdES and SAML are used to ensure compatibility with different systems and legal requirements. By adhering to these established standards, the application can be integrated with a wide range of e-ID solutions and service providers, enabling users to sign documents and transactions in a secure and legally binding manner, regardless of the e-ID they use. Built on standards Book meeting Popular use cases with Fortified ID's customers are to use the organization's CA for: electronic signatures of PDF documents and transactions activation of certificate-based mobile apps certificate-based login with smart cards or yubikeys (FIDO2) activation of certificates for protection of devices activation of certificates to link an identity to a device (BYOD) Fortified ID ADCS Rest extension gives organizations the ability to: issuance of certificates in real time simple and smooth connection of the product to existing solution expand the number of services that can use the certificates Use cases Contact us First name* Surname* E-mail* Phone Message Send Centralized signature hub Signing from Fortified ID acts as a central signature hub for the organization, facilitating the integration, tracking and administration of electronic signatures. The solution can be implemented on-premise, in the cloud or as a hybrid solution, which provides flexibility in use and operation. Each service integrated with Sign can be customized with unique settings, such as which signature methods should be available to users.

Fortified ID Forms is an application for digitizing process flows. Examples can be creating users (e.g. employees, consultants, partners), editing users or listing "my users" or "my groups". With Forms you get access to a tool to create web-based flows to delegate the administration to the users responsible for certain information in a simple way. > Products > Control > Forms > Forms Fortified ID Forms is an application for digitizing process flows. Examples can be creating users (e.g. employees, consultants, partners), editing users or listing "my users" or "my groups". With Forms you get access to a tool to create web-based flows to delegate the administration to the users responsible for certain information in a simple way. With Forms, you can also build self-service flows and self-registration of users. In case of self-registration, a user proves himself with e.g. BankID where information is extracted and used to allow the user to create their own account. INTRO DEMO EXTERNAL USERS DEMO DELEGATED ADMIN Overview Use cases Get started Supplement Entra ID / Google with authentication with eLeg If your IdP does not support eLeg (BankID, Freja or Foreign ID, SITHS, EFOS), Fortified ID Access can easily be used as a complement to solve this. Read more CIAM Simple and smooth customer identity management (CIAM) Read more Create added value with the future of identity and access management! Increased digitalization in society also reinforces the importance of IAM. Read more Customer IAM (CIAM) for the public sector Self-registration, authorization management, and strengthened authentication Read more External accounts Choosing the right external account management tool is crucial to maintaining control and compliance, as well as creating a smooth and secure experience for users. Read more Sometimes, company admins may want power users, team managers, or even external users to handle administrative tasks for a specific team or a subset of users within the organization. Granting full administrative permissions to these users isn’t the best practice or ideal approach—this is where the Delegated Administration feature comes in. What are Delegated Admins? Delegated Admins are users outside the main it administrators who are given limited administrative privileges to perform specific tasks within a particular area or department of an organization. This approach is common in large companies, as it allows other users to assist with certain activities while providing a degree of autonomy within their department. It also enhances flexibility and boosts efficiency, particularly when managing access within the prganisation. What Can a Delegated Admin Do? Before implementing delegated administration, it’s crucial to clearly define what tasks the users with this access will be able to perform. As an IT administrator, you have full control over the system, but with delegated admins, you can selectively assign specific tasks they can assist with. Additionally, keep in mind that certain permissions—such as modifying permission sets, customizing standard objects, or editing page layouts—cannot be granted through this functionality and should remain the responsibility of the IT administrator. Platform Fortified ID Forms is available on multiple platforms. Windows, Linux, or Container (Docker) Amazon Web Services (AWS), Microsoft Azure, Google Cloud Platform (GCP) As a service through our partners. Contact us for more information. Contact us Contact us at info@fortifiedid.se or fill out our web form here: Contact us BankID eIDAS EFOS Certificate Skolfederation Sweden Connect Sweden Connect Sambi SITHS eID Passkey Authenticator OTP Sambi Freja Freja SITHS eID Passkey Authenticator OTP Sambi Sambi Popular Secure MFA Methods Our solutions are based on a module-based architecture, which enables a wide range of advantages for automation, monitoring and efficient management. We know these qualities are central abilities both for operations managers and DevOps. This makes it easier to have control over IT environments and, by extension, your digital identities with cost efficiency.

Fortified ID Portal ger användare en tydlig översikt över de applikationer och tjänster de har tillgång till. Tilldelning av applikation kan enkelt styras baserat på roll, grupp eller andra definierade egenskaper. > Products > Integrity > Portal > Portal Fortified ID Access is a secure and flexible authentication platform. With ready-to-use authentication methods, you can create a secure and user-friendly login experience for your workforce, external accounts, and customers to your organization's applications and services. Overview Use cases Get started Norwegian BankID Norwegian BankID or the ID port for conditional access (Conditional Access) to resources in Entra ID Read more Complement ServiceNow with eLeg authentication If your IdP does not support eLeg (BankID, Freja or Foreign ID, SITHS, EFOS), Fortified ID Access can easily be used as a complement to solve this. Read more Supplement Entra ID / Google with authentication with eLeg If your IdP does not support eLeg (BankID, Freja or Foreign ID, SITHS, EFOS), Fortified ID Access can easily be used as a complement to solve this. Read more CIAM Simple and smooth customer identity management (CIAM) Read more IdP Broker / Proxy Fortified ID Integrity is compatible with many federations such as Sweden Connect, Skolfederation, SAMBI, SWAMID, eIDAS. Read more Digital National Exams (DNP) Connect your applications and services to Fortified ID Access for authentication, authorization, and single-sign on (SSO) Read more Act as SAML IdP or OIDC OP Connect your applications and services to Fortified ID Access for authentication, authorization, and single-sign on (SSO) Read more Portal is a web-based application that contains all the programs that have been assigned to you. The purpose is that you should not have to remember addresses to the different applications that you use in your everyday life. For example, if you have newly hired or hired staff, you can easily give them one place to go (Fortified ID Portal) to find all the applications that have been assigned to them. Fortified ID Portal supports Single Sign-On (SSO) for the apps that are published. The advantage of SSO is that after logging in to Fortified ID Portal, the user is automatically logged in to the application they click on. There is also support for adding extended login if an app requires higher security than Portal. Easily adapt to your organization's graphic profile. Use your own background image, logo, favicon and theme colors. Support for custom graphics Strong Authentication Securely access your applications with a single set of authentication methods. Reduce the number of times a user needs to authenticate as Single Sign-On (SSO) support is included. Single Sign-On (SSO) Platform Fortified ID Access is available on multiple platforms. Windows, Linux, or Container (Docker) Amazon Web Services (AWS), Microsoft Azure, Google Cloud Platform (GCP) As a service through our partners. Contact us for more information. Contact us Contact us at info@fortifiedid.se or fill out our web form here: Contact us BankID eIDAS EFOS Certificate Skolfederation Sweden Connect Sweden Connect Sambi SITHS eID Passkey Authenticator OTP Sambi Freja Freja SITHS eID Passkey Authenticator OTP Sambi Sambi Popular Secure MFA Methods Our solutions are based on a module-based architecture, which enables a wide range of advantages for automation, monitoring and efficient management. We know these qualities are central abilities both for operations managers and DevOps. This makes it easier to have control over IT environments and, by extension, your digital identities with cost efficiency.

> Solutions > Verticals > Verticals This is a space to promote the business, its products or its services. Use this opportunity to help site visitors become more familiar with the business and its offerings. Reach out to current and potential clients and customers to build a sense of connection and trust. Explain what makes the business unique. Identify the qualities that set it apart from its competitors and describe them, staying true to the brand's authentic voice. Add engaging details to catch readers' interest and hold their attention. Let them know how they can learn more about the business and take advantage of its products or services. Fortified ID hjälper myndigheter med stark autentisering för både anställda, konsulter och medborgare. Vi har lång erfarenhet av att integrera EFOS och Myndighets CA. Vi kan även samla alla e-tjänster under en central IdP och där erbjuda en mängd inloggningsmetoder som BankID, Freja eID m.m. Fortified ID kan även: Utföra inloggning på LOA 4 (Level of Assurance) Upprätta koppling mot alla interna datakällor för uppslag API erbjuds för appar som inte kan hanteras via t.ex. SAML/OpenID Connect. ID-mappning och ticket translation Fortified ID IdP kan agera som olika logiska IdP'er för att få en logisk separation för olika scenarier. Government Agencies Book a meeting Government Agencies-PDF Healthcare Gather all e-services under a central IDP with integration with different MFA methods, data sources and shared device login. Fortified ID is also able to offer: API for apps that cannot be managed via e.g. SAML/OpenID Connect. Obtain functionality such as ID mapping and “ticket translation” Connecting local IdP to Inera's authentication service Connecting local IdP to Inera's IDP (according to pattern with IdP Proxy) Book a meeting Read more Fortified ID helps municipalities with strong authentication for both employees, consultants and citizens. Our partners help set up a central portal for all e-services under a central IDP and offer a variety of login methods. API is offered for apps that cannot be managed via e.g. SAML/OpenID Connect. ID mapping and ticket translation Fortified ID IdP can act as different logical IdP's to get a logical separation for different scenarios. Manage federations with the various choices required for different users. Municipalities Read more Private Sector Fortified ID helps your business gain control over your digital identities. We can manage logins for internal users as well as consultants, customers, resellers or subcontractors. It is common for customers to want to simplify access and onboarding of "my pages" services, where historically users often had to reset the password every time they log in. Book a meeting External users MSSP Fortified ID's solutions are designed to fit large-scale implementations and several of the design decisions are made to facilitate Managed Security Service Providers. Our solutions are built with modern operations in mind and are a good fit for our partners who want to sell strong authentication as a service. The solution is easy to manage, automate, update and monitor and is well suited for many parallel implementations. ATEA ID IdP as a service Book a meeting

ADCS REST Extensions Fortified ID ADCS REST Extensions gives organizations using Microsoft Active Directory Certificate Services the ability to get more value from their existing certificate infrastructure. Book meeting Download PDF Popular use cases with Fortified ID's customers are to use the organization's CA for: electronic signatures of PDF documents and transactions activation of certificate-based mobile apps certificate-based login with smart cards or yubikeys (FIDO2) activation of certificates for protection of devices activation of certificates to link an identity to a device (BYOD) Fortified ID ADCS Rest extension gives organizations the ability to: issuance of certificates in real time simple and smooth connection of the product to existing solution expand the number of services that can use the certificates Use cases Microsoft provides a Certificate Authority (CA) for Windows called Active Directory Certificate Services (ADCS). ADCS is common in Swedish companies. Fortified ID ADCS REST Extensions enables a more dynamic issuance of certificates from ADCS via API calls. The APIs that ADCS offers are asynchronous and time-dependent, which means that services with real-time requirements (e.g. electronic signatures or activation of mobile apps) cannot consume these APIs. ADCS API Book meeting Contact us First name* Surname* E-mail* Phone Message Send

Fortified ID as a complement to Google Complement Google Complement Google's products with secure login via optional e-identification to guarantee a safe and smooth user experience. Integrate delegated password recovery that enables users to easily reset their passwords without compromising security. Additionally, provide delegated administration of user accounts and permissions to facilitate user role management and access control. This solution improves security and efficiency in the management of Google products, while creating a better experience for both users and administrators. Fortified ID Control can be used as a complement to Google. Fortified ID Control offers a modern interface with configurable flows that can be adapted to the specific needs of the organization. With Fortified ID Control, organizations can implement self-service flows, delegated administration and automation. Fortified ID Control also includes several functions for validating, merging and enriching data. The flows can also be supplemented with attestation points, where one or more approvers must approve a request. For example, this can be applied in flows to change permissions, create new users or delete user accounts. Fortified ID Control also manages password changes, both for the user himself and via delegated administration. Control from Fortified ID Book a meeting Google Use Cases Advantages of Fortified ID Control as a complement to MIM: Modern and flexible interface Customizable flows to accommodate your organization's different use cases Simple software lifecycle management Can be implemented on-premise, in the cloud or as a hybrid solution Option to keep MIMsynchronization engine and replace MIM Portal Uses an own SQL database with a dedicated connector space in MIM synchronization engine Future-proof support and maintenance Benefits Book a meeting All operations (read, write, update, delete) are performed by Fortified ID Control against its own SQL database. This SQL database is imported into the MIM synchronization engine via a management agent and thus becomes its own connector space. Architecture Book a meeting

Onboarding What choices and best practices are there when an organization is to connect new users and assign permissions? Fortified ID offers web-based onboarding via self-service or delegated administrators. The solution includes one or more target groups depending on needs, employees or external persons such as consultants, suppliers, customers, citizens and partners. Book meeting Architecture The solution has a high degree of self-service to offer smooth, simple and cost-effective onboarding. It should be easy for both the user and the receiving organization. Self-registration can be used in several different types of scenarios: The user starts self-registration via identification with e-ID, and thereby gets a shorter registration process as many details about the user are automatically retrieved from the e-ID Registration of unknown users who must verify email and phone before the application is sent to the responsible role for approval. Federative self-registration where the user chooses which organization they should authenticate to and then start a form for self-registration. On behalf of From a security perspective, organizations want to minimize the number of super administrators who have all or many permissions. At the same time, the need for management of digital identities is greater than ever today. With Onboarding from Fortified ID, selected individuals can administer identities and permissions that they are responsible for via a web interface. It can be department managers, application owners, educational staff, etc. This delegated setup provides efficient administration where IT staff have time for more productive tasks. Complex password policy Tech spec Onboarding from Fortified ID is designed with architecture that uses modern ways to install. This also creates new conditions for monitoring and analysis of how the system is doing and how it performs. Authentication methods (Integrity) BankID EFOS SITHS eID Skolfederation Passkey Suomi.fi Freja OrgID SAML Broker NetID OTP Azure ID-porten Freja eID Plus X.509 Certificate SITHS SWAMID Google FIN eID smart card eIDAS Svenska pass Sambi Telia eID ADFS Common smart card Functions Self service Complexity control Custom branding Multiple data sources Monitoring Multiple data sources Delegerad password reset SIEM ready Installation Docker Linux GCP Windows Azure AWS Integrations LDAP directory Microsoft Entra ID Web/REST ODBC or JDBC Google Workspace Microsoft Azure Contact us First name* Surname* E-mail* Phone Message Send

Use BankID, Freja, SITHS & EFOS with ADFS without complexity Integrity ♥︎ ADFS Modernize ADFS without changing platforms Support for SITHS, BankID, Freja and EFOS Full control over policy, LoA and attributes Many organizations use ADFS as the basis for identity and access. At the same time, there is a need to support multiple e-identifications – such as BankID, Freja eID, SITHS and EFOS – for different user groups, services and regulatory requirements. Integrity is the product that solves this. It makes it possible to use multiple eIDs together with ADFS in a secure, controlled and future-proof way – without building special solutions or replacing existing infrastructure. The challenge with ADFS and multiple eIDs ADFS is a stable, proven and often business-critical platform for identity and access management in many organizations. At the same time, it is not designed to smoothly manage multiple e-identifications in parallel. When the business needs to support different types of eID, different levels of trust depending on the service, as well as both national and sector-specific solutions, technical and organizational challenges quickly arise. Add to this changing regulations and increased demands on security and traceability. In practice, this often leads to ADFS being integrated directly with each individual eID provider. This type of solution quickly becomes difficult to maintain, costly to develop further and sensitive to changes. The result is an identity architecture with high complexity, increased administrative burden and limited flexibility when new requirements or eIDs need to be introduced. Book a meeting Se Movie Integrity as an eID layer on top of ADFS Integrity solves these challenges by acting as a federated eID and authentication layer on top of ADFS. ADFS continues to be the organization's central identity provider and policy engine, while Integrity takes responsibility for the integration with external eIDs and the logic required to handle multiple authentication methods in a unified manner. This creates a clear division of responsibility and reduces the load on the ADFS environment. With Integrity, different user groups can be authenticated with the eID that is most appropriate for each situation. Citizens can log in with BankID, healthcare employees can use SITHS, external users can be authenticated with Freja eID, and companies or organizations can be identified via EFOS. Everything is done through a single integration with ADFS, which simplifies the architecture and makes the solution easier to manage and further develop over time. Use Cases A secure and future-proof identity solution With Integrity, organizations have the opportunity to use multiple e-identifications in parallel, without having to replace ADFS or lock themselves into specific providers. The solution enables flexible control of authentication based on user type, service, risk level and applicable regulations, while trust levels, attributes and consent are managed centrally and consistently. This ensures that the right level of security is used in every situation. The clear connection between eID, user and authentication session creates full traceability and strong support for auditing, incident management and compliance. This makes Integrity particularly well suited for authorities, regions, municipalities and other regulated businesses that need to combine SITHS and EFOS with commercial eIDs. Book a meeting Architecture Use Cases Book a meeting

In order for a user to be able to use strong authentication, it is preceded by an activation/registration for the user. With Fortified ID Enrollment, a user can do this easily on their own or designated administrators can do this for the user. For example, a support technician can prepare a mobile phone so that it both has the app (e.g. Microsoft Authenticator) installed but also is tied to the user's account. > Products > Integrity > Enrollment > Enrollment In order for a user to be able to use strong authentication, it is preceded by an activation/registration for the user. With Fortified ID Enrollment, a user can do this easily on their own or designated administrators can do this for the user. For example, a support technician can prepare a mobile phone so that it both has the app (e.g. Microsoft Authenticator) installed but also is tied to the user's account. Overview Get started OATH-SW and OATH-HW can be easily activated for Microsoft Authenticator, Google Authenticator, YubiKeys or equivalent. Registration of Passkeys (WebAuthn/Fido2) Fortified ID's own mobile application for strong and secure authentication Platform Fortified ID Enrollment is available on multiple platforms. Windows, Linux, or Container (Docker) Amazon Web Services (AWS), Microsoft Azure, Google Cloud Platform (GCP) As a service through our partners. Contact us for more information. Contact us Contact us at info@fortifiedid.se or fill out our web form here: Contact us BankID eIDAS EFOS Certificate Skolfederation Sweden Connect Sweden Connect Sambi SITHS eID Passkey Authenticator OTP Sambi Freja Freja SITHS eID Passkey Authenticator OTP Sambi Sambi Popular Secure MFA Methods Our solutions are based on a module-based architecture, which enables a wide range of advantages for automation, monitoring and efficient management. We know these qualities are central abilities both for operations managers and DevOps. This makes it easier to have control over IT environments and, by extension, your digital identities with cost efficiency.

> Products > Integrity > Access > Access Fortified ID Access is a secure and flexible authentication platform. With ready-to-use authentication methods, you can create a secure and user-friendly login experience for your workforce, external accounts, and customers to your organization's applications and services. Overview Use cases Get started Norwegian BankID Norwegian BankID or the ID port for conditional access (Conditional Access) to resources in Entra ID Read more Complement ServiceNow with eLeg authentication If your IdP does not support eLeg (BankID, Freja or Foreign ID, SITHS, EFOS), Fortified ID Access can easily be used as a complement to solve this. Read more Supplement Entra ID / Google with authentication with eLeg If your IdP does not support eLeg (BankID, Freja or Foreign ID, SITHS, EFOS), Fortified ID Access can easily be used as a complement to solve this. Read more CIAM Simple and smooth customer identity management (CIAM) Read more IdP Broker / Proxy Fortified ID Integrity is compatible with many federations such as Sweden Connect, Skolfederation, SAMBI, SWAMID, eIDAS. Read more Digital National Exams (DNP) Connect your applications and services to Fortified ID Access for authentication, authorization, and single-sign on (SSO) Read more Act as SAML IdP or OIDC OP Connect your applications and services to Fortified ID Access for authentication, authorization, and single-sign on (SSO) Read more Fortified ID Integrity Access combines Single Sign-On (SSO) and a wide range of multi-factor authentication (MFA) methods to ensure easy and secure access to applications and services. With support for a wide range of protocols and standards, including SAML, OpenID Connect (OIDC), LDAP, JDBC, and REST API, the product offers seamless integration into cloud, on-premises, and hybrid environments. Its proxy functionality enables translation and interoperability between different authentication protocols, making it ideal for organizations with complex IT environments. With features like SAML and OIDC, the integrity platform fits into modern solutions. The service can function as: - SAML IDP - SAML SP - SAML BROKER - OIDC OP - OIDC RP Built for the web Relying on usernames and passwords to protect corporate data is simply not good enough. Fortified ID Access comes with a variety of methods for identifying users where passwords are either excluded or one of several factors (MFA/2FA). Strong Authentication In secure environments, authorization must always follow authentication. A flexible architecture enables decisions based on data from virtually anywhere. Authorize the user Platform Fortified ID Access is available on multiple platforms. Windows, Linux, or Container (Docker) Amazon Web Services (AWS), Microsoft Azure, Google Cloud Platform (GCP) As a service through our partners. Contact us for more information. Contact us Contact us at info@fortifiedid.se or fill out our web form here: Contact us BankID eIDAS EFOS Certificate Skolfederation Sweden Connect Sweden Connect Sambi SITHS eID Passkey Authenticator OTP Sambi Freja Freja SITHS eID Passkey Authenticator OTP Sambi Sambi Popular Secure MFA Methods Our solutions are based on a module-based architecture, which enables a wide range of advantages for automation, monitoring and efficient management. We know these qualities are central abilities both for operations managers and DevOps. This makes it easier to have control over IT environments and, by extension, your digital identities with cost efficiency.

Contact us First name* Surname* E-mail* Phone Message Send Read more Signing from Fortified ID meets the organization's need to apply legally binding signatures in a fast, secure and efficient manner. Read more APPLICATIONS: Access (MFA / SSO) Portal Enrollment Radius Handle all types of secure login including MFA and eID. Single sign-on portal with an agile IdP that can handle SAML, OIDC and ADFS. Control from Fortified ID is a solution that focuses on the secure and efficient management of digital identities and their permissions. The solution helps to simplify and automate processes for managing user permissions, role-based access, group memberships, onboarding/offboarding, and more. Read more APPLICATIONS: Forms Automate Attest Password reset Fortified ID ADCS REST Extensions enable organizations using Microsoft Active Directory Certificate Services to get more value from their existing certificate infrastructure. Read more Management Center is an independent service from Fortified ID that enables easy installation, upgrade, configuration and monitoring of all Fortified ID products. Read more Energy company Fortified ID protects a Swedish energy company's login for both internal and external users. Customers can securely authenticate to my pages with Bank ID and employees can choose from several different MFA methods. Read Use Case Energy company Fortified ID protects a Swedish energy company's login for both internal and external users. Customers can securely authenticate to my pages with Bank ID and employees can choose from several different MFA methods. Read Use Case Energy company Fortified ID protects a Swedish energy company's login for both internal and external users. Customers can securely authenticate to my pages with Bank ID and employees can choose from several different MFA methods. Read Use Case Finance company ...använder Fortified ID för att låta sina kunder ansluta säkert med BankID. Explore Swedish Healthcare Swedish Region uses solutions from Fortified ID to resolve SITHS as a secure login method against ADFS. The solution integrates with existing infrastructure and complements where existing solutions are not sufficient. Read use case

System for Cross-domain Identity Management SCIM What is SCIM? SCIM (System for Cross-domain Identity Management) is a standard protocol for managing identity information across different systems. It simplifies and automates the management of user accounts and access in cloud-based applications and services. Overview The key components of SCIM include: Standardization: SCIM defines a standardized API and data model for identity management. Automation: Enables automation of tasks such as user creation, updates, and deletion. Interoperability: Facilitates integration between Identity Providers (IdP) and Service Providers (SP). Efficiency: Reduces manual processes and the risk of errors. Common challenges with SCIM: Complex implementation: Requires adaptation depending on the specific IT environment. Scalability: Managing large user databases can be challenging without the right tools. Security: Requires proper authentication and authorization to protect data. Book a meeting How can FortifiedID address SCIM-related challenges? FortifiedID provides an identity platform with advanced features for managing user identities and permissions. It enhances and simplifies SCIM implementations through: Ready-to-use SCIM integrations: Delivers out-of-the-box support for SCIM, reducing the need for custom solutions. Provides tools to quickly connect various applications and services. Automation and scalability: Automates the entire lifecycle of user management, from creation and updates to deactivation. Designed to handle large organizations and complex IT environments with high performance. Security and compliance: Integrates secure authentication and authorization for SCIM APIs, including support for OAuth and other modern standards. Helps ensure compliance with regulations such as GDPR and SOC 2. Adaptability and flexibility: Supports custom attributes and schema extensions to address unique requirements of different applications. Makes it easy to configure and manage rules and policies for various service providers. Centralized management: FortifiedID acts as an Identity Hub, centralizing identity management and simplifying integration between multiple systems. Complement: FortifiedID seamlessly integrates with your existing infrastructure, filling any functional gaps to provide a complete and efficient solution. Expertise: With our SCIM expertise and a team of experienced specialists, FortifiedID supports you throughout the entire process – from implementation to managing integration details. Summary SCIM provides a standardized and powerful approach to identity management, but it can be technically demanding to implement and scale. FortifiedID solves these challenges by offering automated, secure, and scalable solutions that are easy to integrate into both new and existing IT systems. Book a meeting

As the digitalization of healthcare accelerates, it is more important than ever that the solutions we build actually fit in. That is why we at Fortified ID are particularly proud of how our products harmonize with Inera’s reference architecture. The platform offers support that Regions are influenced by current standardized protocols, enabling interoperability, secure authentication, and delegated access. Link between Fortified ID and Inera's technical regulations, collaboration and function Inera Reference Architecture As the digitalization of healthcare accelerates, it is more important than ever that the solutions we build actually fit in. That is why we at Fortified ID are particularly proud of how our products harmonize with Inera’s reference architecture. The platform offers support that Regions are influenced by current standardized protocols, enabling interoperability, secure authentication, and delegated access. By following established frameworks and implementing effective provisioning methods, Fortified ID ensures a unified and reliable identity infrastructure that meets the requirements for both security and flexibility. Fortified ID and Ineras Reference Architecture Link between Fortified ID and the interaction and function of the Reference Architecture Identity Provider (IdP) Fortified ID offers robust IdP services that enable user authentication and the generation of secure identity certificates. The solutions support multiple authentication methods and protocols, ensuring interoperability and ease of use. This includes support for single sign-on (SSO) and authentication context management, which is in line with the requirements of the reference architecture. Certificate Issuance and Brokering Fortified ID’s platform enables the issuance of both identity and access certificates, with support for both front-channel and back-channel communication. Certificates are digitally signed and can be tailored to specific attributes according to the principle of data minimization, which meets the security requirements of the architecture. Identity Data Warehouse Fortified ID provides a consolidated data warehouse solution, following the “identity fabric” pattern, ensuring quality-assured identity information. The solution supports attribute-based authorization evaluation and can integrate data from multiple sources, including HR systems and credential registers, which is central to creating a unified user profile. Provisioning Service By automating the provisioning of identity data, Fortified ID helps organizations manage the identity lifecycle efficiently. The solution supports both push and pull provisioning patterns and is compatible with standard protocols such as SCIM. E-Certificate Issuer Fortified ID is only involved in the issuance of Fortified ID Mobile. In other cases, existing e-credentials, such as SITHS or BankID, are used. The solution meets high trust requirements and offers support for multi-factor authentication. Access Certificate Service Fortified ID issues and manages access certificates that enable fine-tuned access control based on policies and attributes. Access certificates are seamlessly integrated into e-services to meet security and authorization requirements. API Security Service Fortified ID's API security solutions provide system-level authentication and authorization, facilitating secure communication between systems. The solution includes support for tokens and encrypted connections according to modern standards. System Authentication and Authorization The platform enables secure authentication and authorization between systems through standardized protocols and token management. This includes support for delegation and verification of access rights. Delegated access from users Fortified ID implements delegated access solutions, which enable users to transfer access rights securely and efficiently, including across organizational boundaries. This supports multiple interaction patterns such as certificate exchange and re-authentication. Identity and Credential Federation Fortified ID's federation solutions ensure interoperability between different organizations and services through standardized trust frameworks and attribute exchange. They enable efficient collaboration through secure and reliable processes. Governance Service Fortified ID’s rule management is flexible and scalable, enabling you to implement and interpret rules in a machine-readable manner. The services support granular and dynamic access control rules. Access Governance and Compliance Support Services Fortified ID offers comprehensive governance and compliance support services, including logging and reporting to ensure compliance and access is properly regulated. Link between Fortified ID and the Reference Architecture Technical Regulations Technical Protocol and Format Breakdown Fortified ID provides support for modern technical protocols and formats required for authentication, federated login, and delegated access. The platform uses JSON Web Tokens (JWT) and other standardized certificate types, ensuring interoperability and secure management of identity and access data according to the recommendations in the reference architecture. Recommended protocols by capability Fortified ID implements the recommended protocols for federated login, SSO, and delegated access, such as SAML2, OpenID Connect, and OAuth 2.0. This alignment enables interoperability with e-services and supports different technical platforms in parallel. Fortified ID also focuses on providing support for both new and existing protocols, such as SAML2, which facilitates integration with existing systems. Protocols for Federated Login and SSO Fortified ID's solutions implement both OpenID Connect and SAML 2.0 for federated login and SSO. The services support authentication context and secure authentication request management, which follows the specific requirements listed in the reference architecture. The solutions also provide logout management capabilities in a manner that aligns with recommended standards. Delegated Access Protocols Fortified ID uses OAuth 2.0 as the primary protocol for delegated access, including flows such as Authorization Code. This enables secure access management between users and systems, as well as between different systems, addressing the needs highlighted in the architecture. Authentication Protocols Fortified ID solutions support modern authentication protocols, including Mutual-TLS with x.509 certificates and FIDO2. These protocols offer strong security through asymmetric encryption and support for multi-factor authentication, meeting the requirements for robust authentication for both users and systems. Technical Frameworks for Federation Fortified ID follows frameworks such as SAMBI, Sweden Connect, Verifiable credentials and OpenID Connect Federation to ensure interoperability and secure management of metadata between different identity providers and services. This supports trust frameworks and standards for federation, which is a key component of the reference architecture. Technical Frameworks for Provisioning The platform includes support for the SCIM protocol for efficient provisioning of identity data. This ensures that user information can be provided to systems and e-services in a standardized and quality-assured manner, which meets the recommendations in the architecture. PDF Book a meeting

Releases Fortified ID delivers products that are tailored for dev ops. Contact us at support@fortifiedid.se to get access to the download area. Below you can see all current releases Integrity Control Latest Release: - Access 3.6.0 2026 - 04 - 09 Read release notes Latest Release: - Portal 3.1.1 2025 - 05 - 02 Read release notes Latest Release: - Enrollment 3.1.0 2025 - 03 - 31 Read release notes Latest Release: - Radius 3.1.0 2025 - 03 - 31 Read release notes All technical documentation Latest Release: - Forms 3.2.0 2025 - 07 - 15 Read release notes Latest Release: - Password Reset 3.1.1 2026 - 02 - 13 Read release notes Latest Release: - Automate 3.0.1 2025 - 03 - 31 Read release notes Latest Release: - Management Center 1.3.1 2026 - 02 - 13 Read release notes