0 votes

Hello

We are currently building HRIS automation capabilties over the Adaxes API and it works quite well.

The main issue we have is that Adaxes API works with simple username and password authentication. Which is unsage and against our zero password policy.

The web UI is authenticated with SAML currently, and that's perfect for us.

Regarding the REST API, is there a way to improve the security by moving to one of those option (sorted from the most prefered one to the least one):

  • OAuth2 via the web UI
  • Certificate Based Authentication
  • Kerberos

Thanks

by (240 points)

1 Answer

0 votes
by (270k points)

Hello,

Unfortunately, there is no such possibility. However, thank you for the suggestion. We forwarded it to the corresponding department for consideration.

0

That's a really bad news. Having the identity API supporting only weak authentication is a bit concerning…

0

oov to bad

0

Is this on the Adaxes roadmap? These days, companies fail audits for products that still use this security design.

0

Hello,

We are considering the possibility of using other authentication methods. However, the feature is still not on the roadmap and there is not ETA.

Related questions

+1 vote
1 answer

HI support, We mostly use the Console. Are you think about to enable Two Factor Authentication for the Adaxes Console as well? That would increase the security level enormously. Sincerely yours, Chris

asked Feb 10, 2020 by Napoleon (700 points)
0 votes
0 answers

Starting from Adaxes 2023.2, Adaxes uses the EXOv3 PowerShell module for all operations in Exchange Online. This means basic authentication in WinRM can be disabled on ... s OAuth token because the client-side implementation of WinRM does not support OAuth.

asked Mar 1, 2023 by Adaxes (550 points)
0 votes
1 answer

I am trying to view AD authentication logs to see a user account's authentication attempts. Can this be done in Adaxes?

asked Dec 30, 2021 by Tfarmer (160 points)
0 votes
1 answer

Typing in the code constantly seems...antiquated when more modern methods are available.

asked Jun 14, 2021 by ngb (220 points)
0 votes
1 answer

We have a fleet of Macbooks that use NoMAD to handle AD Authentiction and syncronization. How can we use Adaxes to handle the Password reset utility with these users. If they ... resync will be needed. Anybody else doing this or have a solution to the above?

asked May 13, 2020 by jcalvert (60 points)
3,326 questions
3,026 answers
7,727 comments
544,684 users