Our client is one of the world’s largest providers of integrated shipping services, providing broking, finance, support and research across all shipping and offshore sectors.
Our client has set six strategic objectives to create long-term sustainable value for its stakeholders. At the core of these objectives lies trust. To maintain trust, it needed to improve the security of its web platform by adding a secure, robust and flexible authentication service.
This service needed to allow employees, customers and other corporate users to use single sign-on (SSO), whilst improving the security of the service by offering multi-factor authentication (MFA).
It was important that new functionality would be cloud-based, yet work seamlessly with existing systems, without affecting their functionality.
In addition, the client’s own teams needed to be able to implement and maintain the new authentication service without third-party support.
Working closely with the client’s technical team, Condatis produced a Proof of Concept (PoC) illustrating how Microsoft Azure AD B2C, integrated with existing web pages, can be used to orchestrate authentication journeys. To enable multifactor authentication, Condatis used provider Duo (duo.com), which determines the user type and matching Identity Provider (IdP). Azure AD B2C then returns the required access token to the relying party application. Condatis demonstrated the PoC authentication functionality and documented the solution to enable the client to easily and securely implement the service.
- Our client manages big system migration projects. This solution demonstrated that the authentication aspect of these projects can be dealt with separately in AAD B2C, without interfering with running development or migration projects.
- The PoC proved that third-party services such as Duo can easily be configured and integrated with their authentication journeys.
- The solution was handed over in full to the client’s technical team, giving them the technical details, knowledge and confidence to maintain and extend the system. The PoC allowed the client to get a low-cost insight into the potential of the AAD B2C authentication service, before committing to a fully funded project.