Getting Started with Passport

1. Introduction

Passport is a modern platform for Customer Identity and Access Management (CIAM). Passport provides APIs and a responsive web user interface for to support login, registration, localized email, multi-factor authentication, reporting and much more.

2. Overview

Legacy identity technologies have complex hierarchy and cryptic terminology like realms, principals, subjects and distinguished names. Ugh, I dare you to try and explain these terms to your boss, you’ll get a lot of nodding and smiling.

In order to simplify something perceived to be complex, the best approach is to go back to the basics, to the atomic elements and throw everything else away.

When we built Passport we took the back to basics approach. If we had the opportunity to build the next generation of CIAM from scratch we most certainly would not choose to build it using LDAP or SAML; so, we didn’t.

We identified two atomic elements of identify, Users and Applications. Everyone has Users, and Users need to be authenticated to Applications. For this reason Passport is built upon these two elements; Users and Applications.

If this sounds overly simplistic, consider that 99% of the human body is comprised of just six elements, Oxygen, Carbon, Hydrogen, Nitrogen, Calcium and Phosphorus. From our two elements, Users and Applications we are able to satisfy the simplest to the most complex customer requirements.

2.1. Users

concepts

A user is uniquely identified in Passport by an email address or username. A User can be registered to one or more Passport Applications. A User Registrations can define one to many Application Roles.

2.2. Applications

A Passport Application represents an authenticated resource such as a web application, mobile application or any other application that requires authenticated users. A Passport Application is defined by a name and a set of Roles.

Most applications you define in Passport have users that register for and log into it. However, even if your applications have anonymous users such as a free-to-play game, you can still create a User inside Passport using the device Id as the unique identifier for the user (i.e. the username). This will allow you to track and manage the user from Passport.

Another example of an application is how we use Passport at Inversoft. We are using Passport to manage users with accounts on https://www.inversoft.com. Therefore, we defined a Passport Application named WWW. This Application has two roles it will use. These roles are:

  • admin

  • user

Here is a diagram that illustrates how our WWW Application is configured in Passport.

www application

When we authenticate a user to our website, we verify the user credentials are correct and that they are registered for the WWW Application. A successful login attempt returns the user’s unique Id which can be used to retrieve the user’s complete profile including their roles for the specific Application. This allows us to control the features and functions we allow the user.

3. Getting Started

There are two difference versions of Passport: Passport Cloud and Passport Server.

3.1. Passport Cloud

Passport Cloud is a hosted solution that is maintained and monitored by Inversoft. When you sign up for Passport Cloud, Inversoft provisions a Private Cloud Server for you in our Cloud environment. You don’t need to download or install Passport if you are using this version. Once your Passport Cloud server is setup, you can immediately access it and begin your integration.

If you are using Passport Cloud, you don’t need to install Passport. Instead, you can dive right into our Tutorials, API docs and User Guide to get started:

3.2. Passport Server

Passport Server is an on-premise solution that is downloaded and installed on your servers. You can install and configure Passport however you want and can also put Passport behind a firewall or VPN. This solution requires that you download and install Passport yourself as well as maintain and monitor it as well.

If you are using Passport Server, you first need to install and configure Passport before starting your integration. Here are some links to get you started:

3.3. FAQ

How do I gain access to the software and my license Id?
Login to our accounts section of the web site at https://www.inversoft.com/account/.