How to introduce Multi-Factor Authentication (MFA) easily and quickly?

von Timm Lotter, Senior Presales Consultant, APIIDA AG

The Multi-Factor Authentication solution APIIDA Intelligent SSO can be introduced easily and quickly in 3 steps:


1. Request Instance

 The MFA solution APIIDA Intelligent SSO is provided as a cloud service. You can request an instance here for free.

For an individual look and brand, your company logo and colors can be easily customized, as you can see here:

The login website as an example will look like this:


2. Configure User Management

In order for employees to be able to login, they must be made known. There are several methods for this:

  1. Create users manually: If your organization does not have a central user store, users can be created and managed manually.
  2. Connect Cloud User Store: If your organization manages users in a cloud environment, such as Office 365 or Azure Directory, they can be directly imported and synchronized.
  3. Connect On-Premise User Store: If your company manages the users in an LDAP directory or AD, they are located behind a secure firewall. A service gateway is required for secure import and synchronization.

3. Connect Applications

The instance is running and the users are known. The last step is to connect the applications. There are several methods for this:

  1. Applications: Cloud services and applications that support federation standards such as SAML or Open ID Connect (OIDC) can be integrated with a short configuration. Examples are Office365 and Salesforce.
  2. VPN: The RADIUS protocol is often used for the integration with VPN. The VPN server usually runs behind a firewall and the service gateway is necessary for a secure integration.
  3. Miscellaneous: For other applications, APIIDA Intelligent SSO offers further integration possibilities.


The following diagram summarizes the architecture of how easy it is to implement MFA with APIIDA Intelligent SSO. Applications and cloud services communicate directly with APIIDA Intelligent SSO. For a secure connection with on-premise applications and user directories such as AD and LDAP, the service gateway is used.

Try APIIDA Intelligent SSO now!