IDP Service Introduction
This documentation is intended for any organisation or service that intends to use the Mydex Identity as Service to replace their existing username and password services or to add Mydex into their supported Identity Providers.
Mydex is an ISO27001 certified company and acts an identity provider in two specific capacities:
- On behalf of its members with simply one reusable MydexID across the internet to gain access to services and end the proliferation of multiple usernames and passwords with all of the attending risks and issues around management of these.
- The MydexID supports a range of open standards based identity protocols. This means our members can use it wherever these standards are supported.
- The MydexID is privacy friendly as all activity undertaken with a MydexID is recorded in the members personal data store and not shared with anyone unless the individual specifically chooses to share it via a trusted connection across the Mydex Trust Framework.
- The MydexID also affords control to the member of what data is shared with third parties and affords the member the ability revoke access directly themselves.
- On behalf of connecting organisations who are seeking to get out of the management of usernames and passwords and embrace a secure federated identity service model. These organisations can select a preferred protocol that will fit in with their own security policy and preferences. Mydex can also enable verified attribute exchange via trusted connections between individuals and organisations under a common data sharing agreement. These verified attributes can also form part of an identity assurance service that can deliver the following
- Verified proofs of claim e.g. entitlement, address, age, status on a number or key areas.
- Identity Assurance to recognised standards across the public and private sector
The key differentiation is that the MydexID is centred on the individual and can be used any context of their life for personal, business and civil engagement. The MydexID ensures that the individual remains in control of their digital identity at all times.
Mydex as a community interest company provides services to individuals free of charge at all times and the MydexID and underpinning personal data store is available for life free of charge.
Organisations pay an initial connection fee per service connected to our identity services and a pay as you go connection fee per individual they connect with. Ongoing support fees are calculated as a percentage of the total connection fees paid annually on anniversary.
Summary overview IDP API
The Mydex IDP API supports a number of basic functions as follows
- Registration services
- Authentication services including support single sign on
- Password reset and change
- Personal usage logging and tracking for the individual
We can support the following protocols
- SAML based profiles - for registration and authentication
- OpenIDConnect profiles for authentication wherever an OpenID is supported
Data Sharing via the Mydex PDS-API secure connections for personal profiles, verified attributes and access to identity assurance evidence.