← BACK TO RECIPES

How to add 1Kosmos passwordless step-up authentication and user registration

Quickly protect any resource with Passwordless MFA (PMFA) and register new users without disruption to the access workflow.

  • No-code PMFA deployment quickly secures sensitive app resources without refactoring
  • Reduce friction by enrolling users to PMFA within existing access workflows
  • Support low-risk phased rollout and concurrent PFMA options for recovery
Ingredients
Step-up
1Kosmos
PMFA
Azure AD
Maverics
Passwordless

Quickly deploy 1Kosmos step-up authentication to any protected resource or data

The recipe diagram

A simple user journey that simply works.

The sequence diagram

How everything comes together to authenticate.

What the user sees

Users love Maverics because they can secure specific apps or resources with new PMFA protection without disrupting the way they are usually accessed. Even better, users can register for this new PMFA service within the existing workflow and don’t have to wait for a separate onboarding meeting to access to the resources they need for their daily job.

  • The user navigates to the app through their existing access workflow, in this case Azure AD SSO
  • They then attempt to access a sensitive resource within the app, the “Executive Reports” tab
  • Maverics intercepts the request and directs them to 1Kosmos to check whether or not they are enrolled in PMFA
  • If the user is not enrolled in 1Kosmos, Maverics automates the Azure AD lookup to determine if they have the appropriate role and group attributes to access the data
  • The user is then routed to an inline 1Kosmos registration page that guides them through enrollment
  • If the user was already enrolled in 1Kosmos or the next time the newly enrolled user returns to the protected resource
  • Maverics automatically checks their permission attributes in Azure AD and then presents them with 1Kosmos PMFA
  • Upon successful authentication via the 1Kosmos app, the user is granted access to the “Executive Reports” tab

What the admin does

Admins love Maverics because they can quickly onboard users and protect sensitive app resources with PMFA in a fraction of the time since there is no need to change apps or IDPs. Fully Passwordless authentication projects often begin with targeted Step Up AuthN experiences, and decoupling authentication from the protected app resources through no-code orchestration makes the process simple.

  • Admin opens their YAML file for Maverics which is a simple top-down approach using a declarative model
  • Under the Connectors section, the Admin specifies that they will be using Azure and 1Kosmos
  • Admin then specifies 1Kosmos as the PMFA authenticator under their desired appgateway and/or authentication provider configuration
  • Once the URL is specified, the Admin then simply selects 1Kosmos in the configuration for PMFA step-up authentication
  • Upon users next visit the application and the “Executive Reports” tab, Maverics then orchestrates the 1Kosmos PMFA workflow

Solve more modernization challenges with ready-to-deploy recipes

How to add 1Kosmos passwordless step-up authentication and user registration

Quickly protect any resource with Passwordless MFA (PMFA) and register new users without disruption to the access workflow.

Step-up
1Kosmos
PMFA
Azure AD
Maverics
Passwordless
How to move from OAM to Azure AD

Oracle Access Manager is challenging to maintain and provides limited app protection possibilities. Use this recipe to replace it with Azure AD without refactoring your apps.

OAM
Azure AD
Maverics
Target App
Authentication
Modernization
How to move from OAM to Okta

Oracle Access Manager is challenging to maintain and provides limited app protection possibilities. Use this recipe to replace it with Okta without refactoring your apps.

OAM
Okta
Maverics
Target App
Authentication
Modernization
How to move from SiteMinder to Azure AD

SiteMinder’s end of service is coming. Use this recipe to replace it with Azure AD without refactoring.

CA SiteMinder
Azure AD
Maverics
Target App
Authentication
Modernization

View all recipes

Ready to modernize any app in 10 mins?

Let us prove to you how easy this can be and demo a complete app modernization experience in under 10 min.

Book a demo