Axiad, an identity-first enabler of the zero-trust enterprise, announced it has integrated an application programming interface (API) to provision FIDO2 security keys (passkeys) for Microsoft Entra ID into its Axiad Cloud advanced authentication toolset.
This capability enables Entra ID customers to manage all kinds of authentication credentials in a single “pane of glass,” including passkeys and public-key infrastructure (PKI)-enabled x.509 certificates. The ability to effectively consolidate credentials, combined with the superior user experience created by Axiad Cloud through simplified onboarding and self-service credential management, makes it possible to deploy phishing-resistant authentication for Microsoft Entra ID enterprise-wide. Axiad Cloud can also be used to manage the credentials of multiple other identity providers.
The ability to manage and consolidate credentials for phishing-resistant passkeys is especially important for U.S. federal agencies trying to meet the requirements of The White House Executive Order 14028, which mandates that all agency staff, contractors and partners use phishing-resistant authentication to access systems and applications. The agencies also must work with approved technology vendors from the Federal Risk and Authorization Management Program Axiad currently holds FedRAMP Ready status and has been sponsored by a federal agency to expedite its attainment of FedRAMP Authority to Operate (ATO) status.
Also Read: Lumifi’s Managed Detection and Response Services Now Available on Microsoft Azure Marketplace
Microsoft recently blogged about the Entra ID FIDO2 provisioning API partnership program. The blog post states that while most federal customers use smart card systems to achieve zero-trust compliance, passkeys provide a secure alternative for users to sign in to their applications and systems. Also, Microsoft Entra ID’s APIs enable administrative provisioning, making it much simpler to onboard users by relieving them of individual registration activities.
“Implementing passkeys is part of the journey to creating a safe computing environment, but enterprise customers need an efficient way to manage authentication credentials at scale, both for the host organization and its partners, contactors and others,” said Natee Pretikul, principal product management lead, Microsoft Security. “Axiad Cloud enables our Entra ID customers to do this and enables any trustworthy identity to access any application or resource located on premises or in the cloud.”
Axiad Cloud enables customers, including federal government agencies, to deploy and manage strong authentication processes and deliver phishing-resistant authentication to their people, machines and applications on an enterprise scale.
“Creating true phishing resistance has been held back by the ability to manage credentials across systems at scale,” said Nicolas Malbranche, head of product at Axiad. “Microsoft‘s move to create an API partner program for Entra ID is a major step forward in promoting enterprise phishing resistance. We believe this is especially important for federal government organizations who are under time pressure to create zero-trust, phishing-resistant networks.”
Malbranche added that to enable customers to comply with The White House Executive Order 14028, Axiad Cloud offers both FIDO and personal identity verification (PIV)/PKI in one platform to enable a more complete set of use cases.
SOURCE: PRNewsWire