Skip to main content

WiKID's two-factor authentication API

We're kicking off a series of posts discussing our API and how to use it to make your two-factor authentication roll-out hassle-free. Most of our customers use the API if only via some of the scripts we provide. For example, we provide a sample script that allows users to register their own software tokens after validating via their Active Directory credentials. But the API is capable of much more than that. It was developed over time based on feedback from a number of our Enterprise and SaaS customers. In particular, our SaaS customers needed secure multi-tenant user management tools that allowed them to push user control to their customer and that minimized costs.

You can't have a discussion about APIs without thinking about the various SaaS-based APIs out there. Obviously, you are hosting the WiKID server in your environment, either in the cloud or on-premise. Another difference is that we require an SSL client certificate. Most APIs require only a shared-secret in the form of a 'key'. That's not quite good enough for two-factor authentication. Client-side SSL certs can be difficult, but the WiKID server handles most of the complexity for you. The WiKID server will also handle the firewall for you. The WiKID server keeps these SSL connections open, so there is not much overhead in the SSL. The server is also quite reliable.

The API is XML based. Protocol documentation is here: You can also always see the most recent implementation in the example.jsp file on the WiKID server. It is well-commented. You can also download various implementations here: We currently support java, python, ruby, PHP, and C#. These packages are all LGPL licensed, so you can easily add two-factor authentication to your code without any license concerns. If you need a different license, let us know. We released the java client under the Apache license for the Cloudstack project so they could embed WiKID two-factor authentication in Cloudstack.

In future posts, I'll discuss the transaction types and how you can use the API to reduce the costs of your two-factor authentication deployment.

Currently unrated

Recent Posts







RSS / Atom