Skip to content

Partner login

KeyShield
  • Home
  • About
    • Overview
    • Testimonials and case studies
  • Clients
  • Downloads
    • Changelog
    • Checksums
  • Support
    • HWToken Drivers
    • Requirements
    • iOS client
    • Installation – Linux
    • Installation – Windows
    • Novell Vibe integration
    • GWAVA Integration
    • Retain Integration
  • Developer
    • Documentation
  • Partners
  • Contact
    • Let us know
keyshield does it all for you
KeyShield does it all for you

SSO/ SLO/ RELOGIN/ 2FA/ SAML2/ JWT/ Radius_Accounting/ REST/ Windows/ Mac_OSX/ Linux/ iOS/ Android/ MicroFocus/ GWAVA/ Microsoft/ GroupLink/ Kerio/ Oracle/ SugarCRM/ OTRS/ WordPress/ Drupal/ Joomla/ Moodle/ Delphi/ C/ C++/ C#/ Java/ JavaScript/ PHP/ ......

KeyShield is
KeyShield is:

● before platform independent

● concurrent user licensed

● idP class SSO (Single Sign on) solution

● browser independent

● the world fastest SSO/SLO/RELOGIN - browser independent

● versatile and very easy to implement

Microfocus
MicroFocus

OES client for Windows is fully supported in 2 ways. First - once the user authenticates to OES environment, KeyShield proves the user's eDirectory identity with a signed token and authenticates the user automatically. Any change (logout, login) is recognized and followed (if the user logs out from OES, KeyShield does the same). Second - KeyShield SSO client is able to control the OES client - when user authenticates to KeyShield manually or 2FA with a HW token, KeyShield client initiates complete OES client authentication incl. login script processing. If the user logs out from KeyShield, KeyShield client initiates OES client log out. This is very useful for shared computers, kiosks and special application Windows workstations. This is designed for hospitals, schools, government organizations etc.

microsoft
Microsoft

domain (AD) environment is fully supported in various ways. KeyShield client can read user's identity, use NTLM2 and use Kerberos. Kerberos is also supported on MacOSX registered to domain. Regardless the method used, any change (logout, login) is recognized and followed. Next generation of KeyShield client for Windows is able to authenticate the user and map the user's home directory.
This is designed for shared computers, kiosks and special application Windows workstations used often by hospitals, schools, government organizations.

LDAP
LDAP

eDirectory, Active Directory, ApacheDS and OpenLDAP are natively supported. eDirectory is controlled directly through the LDAP interface, customized PowerShell script is generated for Active Directory. Apache DS is a part of the KeyShield server distribution with simplified configuration and user/group management tool. This can be used for external users, development, testing etc without affecting production directory or consuming licenses.

Radius Accounting Server
Radius Accounting Server

if the user authenticates to VPN or WiFi for example, KeyShield can accept Radius Accounting packets from such devices and authenticate users seamlessly. This work similar to Microsoft or MicroFocus environment integration - once the user authenticates to VPN, KeyShield authentication is automatic and user can acess directly any integrated system.

Radius Accounting Client - copy
Radius Accounting Client

is today's widely adopted standard for network appliance SSO/SLO - supported by firewalls, web content managers, WiFi controllers, proxy servers etc. KeyShield can login and logout your users to virtually unlimited number of appliances by sending them Radius Accounting packets. Authentication includes transfer of group membership - KeyShield can map directory group membership to firewall group in order to control user's access to the internet for example.

previous arrow
next arrow
= AT A GLANCE == AT A GLANCE = REST APIREST API LDAP ViewerLDAP Viewer SAML 2.0SAML 2.0 CLIENTSCLIENTS KeyShield SSOEngineKeyShield SSO Engine SecuritySecurity Yellow MessageYellow Message Advanced LogsAdvanced Logs EmbeddedDSEmbedded DS CONNECTORSCONNECTORS Radius AccountingRadius Accounting Admin ConsoleAdmin Console Network Address AttributeNetwork Address Attribute

Overview of the whole system - click on any part to view detailed information

"KeyShieldSSO has become our main SSO solution"

Take a look at some of the references from our customers here:

How KeyShield SSO Works

Once you’re authenticated to your favourite directory(eDirectory, Active Directory or LDAP), KeyShield keeps information about your IP address and full name.

When you connect to an information system, it checks your identity by querying KeyShield with your IP address. No further login is required. Read more

Unique features

Can handle thousands of authentications per second

KeyShield is faster than other SSO solutions and much faster than the classic authentication methods used by portals. The number of users that other systems can handle in minutes, we are able to handle in seconds. Save the valuable time of your employees – don’t let them wait while they log in.

Supports non-browser apps through clients for many desktop and mobile platforms

It doesn’t matter whether you access your application through a web browser or whether it is running on your desktop, KeyShield can pass your user identity to the application regardless. Because we support many major desktop platforms (Windows, Linux and Mac) and have clients for most major mobile operating systems (Android, iOS and Blackberry), it doesn’t matter what kind of device you use.

Works with multiple external LDAP sources at once or can use an internal directory

You can set up KeyShield to authenticate you against your directory – we support eDirectory, Active Directory and OpenLDAP. You can even connect multiple directories and KeyShield will then perform load balancing to distribute queries among them. If you do not have any directory, you can use KeyShield’s embedded directory service.

Built-in integration for many common systems – CMSs, DMSs and messaging

You can download plugins for many popular applications and systems, for example, GWAVA, Filr, Vibe, Drupal, WordPress and many others. Here’s a complete list of available integrations.

Integration for other systems can be easily developed through RESTful API or SAML

Support for other systems can be programmed very easily and efficiently using our RESTful API. We also offer SAML conformity for systems supporting it (like Google Apps or Microsoft Office 365). In most cases, your programmer should be able to implement KeyShield for your system within one working day.

Two-factor authentication via hardware cards

For an additional layer of security, you can require users to place a hardware card into a card reader while they log in. This two-factor authentication can be switched on for selected services.

Supports RADIUS accounting and connects with other SSO systems

KeyShield can act as a RADIUS Accounting client – we inform active network elements (FortiGate, Cyberoam, SonicWall, SmoothWall, LightSpeed, LiteSpeed, etc.) about the identity of the user. KeyShield can also act as a RADIUS Accounting server – in which it obtains information about the identity of the user from a firewall or Wi-Fi access point after successful authentication into a VPN.

Delivery of instant messages directly to the screens of users

So-called yellow message functionality can deliver prompts to the screens of logged-in users. Such a message is hard to miss and does not go away until the user accepts it. The addressee of the message can be a specific user or a whole subnet. This function is especially suitable for sending information about network maintenance, etc.

Recent News

  • New feature released! – Try out script for SmarterMail!
    May 18, 2023

    The script logs users into SmarterMail regardless of whether they …

  • New version release 8.5.0
    April 12, 2023

    You can try the newest release version of KeyShield SSO …

  • TTP EMEA 2023
    February 27, 2023

    We are present at TTP EMEA 2023 in Weiden in …

  • New version release 8.3.0
    May 6, 2022

    You can try the newest release version of KeyShield SSO …

  • Apache Log4j vulnerability
    December 13, 2021

    If you are a person, who is concerned about cybersecurity, …

© KeyShield SSO 2020

© 2023 KeyShield • Built with GeneratePress
This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Cookie settingsACCEPT
Privacy & Cookies Policy

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these cookies, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may have an effect on your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Non-necessary
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.
SAVE & ACCEPT