The Verj.io Gateway
Introduction
to the Verj.io Gateway
Single
Sign On to Intranet Active Directory
Access
to Databases and Other Private Resources
See Also: Gateway Configuration, Gateway Tunnels, Gateway RESTful Services, Gateway Portal, Gateway Programming API
The Verj.io Gateway provides:
The Gateway Portal is an application that is packaged with and runs on the Verj.io Gateway. It can be configured to link to Verj.io Applications running in remote Verj.io On-Premises environments or Verj.io Service Plans.
When a user connects to the Gateway Portal they are authenticated locally using the configured authentication mechanism, for example Active Directory, and presented with a dashboard of target applications (Forms). Clicking on one of the target application tiles redirects users to the appropriate Verj.io On-Premises environment or Verj.io Service Plan, passing on their security credentials in a secure authentication token and thereby facilitating SSO.
The Gateway Portal also allows hyperlinks to be used to facilitate SSO. By passing in the name of the configured Verj.io On-Premises environment or Verj.io Service Plan and the target application, the Gateway Portal will authenticate the calling user locally and redirect the caller to the target application, passing on their security credentials in a secure authentication token. This means hyperlinks can be added to other applications (for example, an intranet) to take users directly to remote applications seamlessly.
See Gateway Portal
Single Sign On (SSO) means users do not have to log into remote Verj.io Applications separately. Once a user’s credentials are established locally, they are securely passed to the remote Verj.io Application.
Users within a domain can open the Gateway Portal application that automatically authenticates them locally, perhaps via Active Directory. Users are then presented with a list of target Verj.io Applications (forms) available on the configured remote On-Premises environments and Verj.io Service Plans. When they click on one of these links they are redirected to the remote Verj.io Application. The user’s security credentials are automatically encoded within a secure authentication token that is sent to the remote Verj.io Application as part of the redirect. Users are automatically redirected to their Verj.io Application by providing the required URL parameters to identify the Verj.io Application to redirect to and the form name to load. See Gateway Portal for more information.
There is a mutual trust relationship between the Gateway and the remote Verj.io On-Premises environment or Verj.io Service Plan based on the Gateway API key. This trust relationship can be further secured by specifying an IP Whitelist.
Alternatively, Single Sign On can be achieved using OpenID Connect in the remote Verj.io Application to connect directly to Active Server Directory Services (ADFS) running within the private domain.
Once a trusted relationship between a Verj.io Gateway and remote Verj.io On-Premises environments and Verj.io Service Plans have been established, Verj.io Applications running on those remote environments can securely access private Databases, REST services and other resources in the private domain the Gateway is part of.
Gateway Tunnels can be configured on the Verj.io Gateway to various private resources in its local domain. Verj.io Applications running on any trusted Verj.io On-Premises environments and Verj.io Service Plans can use these tunnels to effectively communicate with these private resources as if they were directly accessible to the Verj.io Application. See Gateway Tunnels
Gateway Rest Services can be created and published on the Verj.io Gateway that are only available to Verj.io Applications running on trusted Verj.io On-Premises environments and Verj.io Service Plans. Trusted Verj.io Applications can call Gateway Rest Services using the Gateway REST Javascript API in a similar way as it calls any other type of REST service. See Gateway REST Services
The Gateway API provides a secure mechanism for a Verj.io Applications to invoke otherwise private Verj.io Gateway REST services.
See Gateway Server Configuration for step by step instructions on configuring both Verj.io Gateways and remote Verj.io On-Premises environments and Verj.io Service Plans.