Integration with OneSpan Authentication Server

OneSpan Authentication Server includes different communicators that provide various functionality and allow integration of other systems. For more information about building custom applications that require integration with OneSpan Authentication Server, refer to the OneSpan Authentication Server SDK documentation.

SOAP integration

The OneSpan Authentication Server SOAP interface allows the following functionality to be integrated:

• User authentication
• Signature validation
• Software authenticator provisioning
• Administration
• Reporting

For more information, see OneSpan Authentication Server in a web environment.

RADIUS integration

OneSpan Authentication Server includes a RADIUS communicator to support authentication (Access-Requests) via the following protocols:

• PAP
• CHAP
• MS-CHAP
• MS-CHAP v2

MPPE keys are generated for MS-CHAP and MS-CHAP v2. OneSpan Authentication Server can also handle accounting requests and return RADIUS attributes for authorization. However, OneSpan Authentication Server does not act as an authorization server itself.

An existing RADIUS server may be used as a back-end system to allow the following:

• Dynamically create user accounts in OneSpan Authentication Server
• Verify static passwords
• Retrieve users' RADIUS attributes

For more information, see  OneSpan Authentication Server in a RADIUS environment.

Back-end integration

OneSpan Authentication Server supports a number of systems that can be used as back-end systems. These back-end systems can be used as an authority on authentication data (see Back-end authentication).

Custom back-end integration

You can write your custom authentication engine to attach OneSpan Authentication Server to your own back-end system. This would be used primarily as an authority to permit dynamic creation of user accounts in OneSpan Authentication Server and for static password verification.