Tag: authentication

Feed: Recent Announcements. AWS Amplify Flutter introduces support for creating customizable authentication flows, using Amazon Cognito Lambda triggers. Using this functionality, developers are able to setup customizations for the login experience in their Flutter apps, such as creating OTP login flows, or adding CAPTCHA to their Flutter app. Developers of Amplify Flutter can setup the Auth category to use custom challenges using the Amplify CLI such as one-time passwords, or Captcha. The Amplify CLI provisions Lambdas in the backend, which then interact with Amazon Cognito to verify the challenges. Developers can build the custom challenges are built in steps, such ... Read More

Feed: Recent Announcements. AWS Identity and Access Management (IAM) now supports the Web Authentication (WebAuthn) standard for strong and phishing-resistant authentication across all supported browsers. WebAuthn is part of the FIDO2 set of specifications that succeed FIDO U2F API, enabling secure multi-factor authentication with security keys based on public key cryptography. This capability extends the existing multi-factor authentication (MFA) functionality to ensure compatibility with the latest internet browsers and FIDO-compliant authenticators. The Safari browser is also now supported for authentication and registration of security keys, in addition to other major browsers such as Mozilla, Opera, Firefox, and Chrome. Users that ... Read More

Feed: AWS Big Data Blog. Many of our customers that use Amazon EMR as their big data platform need to integrate with their existing Microsoft Active Directory (AD) for user authentication. This integration requires the Kerberos daemon of Amazon EMR to establish a trusted connection with an AD domain, which involves a lot of moving pieces and can be difficult to get right. This post describes what a one-way trust with Active Directory means, and how the commands work that are used in setting it up. We describe how DNS names, Kerberos realms, and AD domains are different, and the ... Read More

Feed: Recent Announcements. AWS Glue can now connect to Apache Kafka using additional client authentication mechanisms. AWS Glue now supports SASL (Simple Authentication and Security Layer) using either SCRAM (Salted Challenge Response Authentication Mechanism) or GSSAPI (Kerberos). AWS Glue supports data streams including Amazon Kinesis and Apache Kafka, applies complex transformations in-flight and loads it into a target data store for Analytics and Machine Learning. With this feature, you can now stream data from Apache Kafka producers that use SASL (SCRAM and GSSAPI) for client authentication. You can choose from these client authentication mechanisms when creating a Kafka connection in ... Read More

Feed: Planet PostgreSQL. In the past few months, there’s been a single recurring question that appears with alarming regularity in the Postgres Discord server. The phrasing itself ranges anywhere from “Hi, I’ve recently installed Postgres, but I don’t know how to connect to it?” to “I keep getting errors when I try to connect to Postgres!” How does this scenario erupt so frequently? Is it something about Postgres? New users? People not familiar with databases in general?How this Happens New Postgres users are usually pretty easy to spot. They’re the ones most likely to express confusion or incredulity that there ... Read More

Feed: SAS Blogs. Author: Stuart Rogers. The SAS Viya LTS 2021.2 release supports application multi-tenancy. This 3-part series reviews how authentication can be configured. In this post, we look at configuring OpenID Connect (OIDC) authentication in a multi-tenant (M-T) environment. The SAS Viya configuration of OIDC authentication could be performed in the M-T provider and apply to all tenants or could be configured in one or more individual tenants and only apply to that tenant. For this post, we configure ODIC for the M-T provider and the marketing tenant. The third-party OIDC Identity Provider, such as Azure Active Directory, has ... Read More

Feed: Planet MySQL; Author: MySQL Performance Blog; As part of my ongoing series around MySQL 8 user administration, I’d like to cover one of the new features introduced in MySQL 8.0.27 – multi-factor authentication. In order to establish identity, multi-factor authentication (MFA) is the use of multiple authentication values (factors) during the MySQL authentication process. Introduction MFA provides greater security compared to a single-factor authentication method, which has historically been based on simple methods such as password authentication. With MFA, additional authentication methods are enabled, such as requiring multiple passwords, or with devices such as smart cards, security keys, or ... Read More

Feed: Recent Announcements. You can use IAM for database user authentication by selecting a checkbox during the DB instance creation process. Existing DB instances can also be modified to enable IAM authentication. Once this feature is enabled, database administrators can associate new and existing database users to IAM users and roles. Credentials can then be managed via IAM without managing users in the database. This includes expanding and restricting permission levels, associating permissions with different roles, and revoking access. IAM authentication also helps with easier integration with your applications running on Amazon EC2. After configuring the database for IAM authentication, ... Read More

Feed: AWS Architecture Blog. This blog post was co-authored by Vinodh Kumar Rathnasabapathy, Senior Manager of Software Engineering, UnitedHealth Group.  Engineers who use Amazon Cognito for machine-to-machine authentication select a primary Region where they deploy their application infrastructure and the Amazon Cognito authorization endpoint. Amazon Cognito is a highly available service in single Region deployments with a published service-level agreement (SLA) target of 99.9%. The UnitedHealth Group (UHG) team needed a solution that would enable them to build and deploy their applications in multiple Regions to achieve higher availability targets. A multi-Region application architecture would also allow UHG engineers to ... Read More

Feed: AWS Architecture Blog. Recently, the Accenture AWS Business Group (AABG) assisted a customer in developing a secure and personalized Interactive Voice Response (IVR) contact center experience that receives and processes payments and responds to customer inquiries. Our solution uses Amazon Connect at its core to help customers efficiently engage with customer service agents. To ensure transactions are completed securely and to prevent fraud, the architecture provides voice authentication using Amazon Connect Voice ID and a visual portal to submit payments. The visual IVR feature allows customers to easily provide the required information online while the IVR is on standby ... Read More