Okta connectors in action: The Active Cyber Trust Portal

Active Cyber is a leading pioneer in digital transformation, partnering with top technology leaders to help turn Identity and Access Management (IAM) into a strategic strength for today’s organizations.

Over a decade of partnership, Active Cyber has delivered more than 600 Okta implementations — spanning Okta Workforce Identity Cloud and Okta Customer Identity Cloud — to enable secure, seamless, and transformative digital experiences.

Nowhere is Active Cyber’s expertise more apparent than in the Active Cyber Trust Portal — an innovative solution that solves the problem of delegating access to applications while maintaining strict security protocols and protecting user privacy.

The need: Delegated application access

Modern Customer Identity and Access Management (CIAM) systems are very effective at authenticating individual users and managing their access rights. However, co-managed authentication (authenticating users to applications, systems, and resources on behalf of other users) is beyond their core functionality.

There are many scenarios in which co-managed authentication to delegate application access is required, including overcoming:

  • Accessibility challenges: an account holder cannot physically log into their services
  • Privilege limitations: a member of the workforce needs some degree of access to a system, but lacks sufficient privileges

Existing "solutions" often require additional accounts and devices to be registered and set up, but authentication challenges and authorization limitations frequently lead users to resort to unsafe authentication practices.

Recognizing the downsides of these cumbersome, time-consuming, and insecure workarounds, Active Cyber built a solution by leveraging Okta connectors: a collection of API endpoints and data manipulation functions sequenced as flows.

The solution: Active Cyber Trust Portal

The Active Cyber Trust Portal is a system that performs co-managed authentication by authenticating users (“Actors”) to applications on behalf of other users (“Targets”) without the need to share credentials or multi-factor authentication (MFA) codes.

 

Figure: Active Cyber Trust Portal. The Trust Portal allows pre-authorized users to access systems on behalf of other users without the need for credential sharing or a shared MFA device.

Real-world examples of the process above:

  • A caregiver (the actor) can log in to a healthcare portal on behalf of a Wounded Warrior (the target), to complete tasks like scheduling appointments, renewing prescriptions, and retrieving records.
  • A system administrator (the actor) can log in to an external application on behalf of a project manager (the target) who doesn’t have the access privileges to do so.

In each case, the actor logs in to the Trust Portal and then requests to act on behalf of the target for the application in question. The Trust Portal validates the relationship, and the actor is now able to log in on the target’s behalf.

 

Figure: Active Cyber Trust Portal example. In this example, Catherine Harper is acting on behalf of Matthew Arthur; upon authenticating, Catherine can access Matthew’s applications.

 

Benefits for application/service providers

Using the Active Cyber Trust Portal to enable delegated access to your applications, services, and resources offers a number of important benefits, including:

  • Streamlined access management: The solution is easy to use, doesn’t require any code changes for SAML integrations, and needs only minimal code updates for OIDC integrations.
  • Efficient time management: Straightforward access controls save time for everyone.
  • Enhanced security: The Trust Portal implements industry-best security measures and protocols, and is fully auditable in the customer environment and out-of-the-box in Okta.
  • Flexible design and migration plans: Each implementation is fully customizable to meet your specific needs.

How does the Active Cyber Trust Portal work?

The Trust Portal is integrated with Okta Single Sign-On (SSO) for initial Trust Portal access, while both OIDC- and SAML-supported applications can be used for delegate authentication. 


To learn more about Active Cyber, the Trust Portal, and Okta connectors, reach out to your Customer Success Manager or contact us to get in touch.