SSO and user management API
Overview
Zato offers a series of secure REST endpoints that let applications manage users in an API-driven manner - everything from sign-up, sessions to password reset is accessible through APIs, without a need for applications to maintain their own databases or servers.
All of the endpoints are SSO-aware (Single Sign-On) which allows people to transparently make use of multiple applications without a need for entering credentials in each one.
The same functionality is available to programmers developing Zato services in Python - opening doors to endless API interaction possibilities - from synchronization using IBM MQ, through FTP data export, ZeroMQ alerts to AMQP events and more, there are no limits to the kind of authentication processes that can be handled.
Key features
- Powerful yet straightforward
- Programming-language independent, may be used from Python, JavaScript, Java, .NET or others
- Very well suited for modern mobile, serverless, WebSocket-based or single-page applications
- Secure storage, including encryption and customizable password hashing with strong defaults
- Supports a variety of workflows, easy to plug into new or existing environments
- Audit log to trace access to PII (Personally Identifiable Information)
- Can be easily scripted from command line
Topic guides
| Topic | Description |
|---|---|
| Quick reference | All API calls and methods |
| Users | Create, manage and access user accounts |
| Sessions | Logging users in or out and checking their existing sessions |
| Passwords | Enforcement and validation of user passwords |
| Password reset | How to reset user passwords |
| Configuration | Fine-tuning the system |
| Audit | What kind of information is stored where, when and how to access it |
| Command line interface | Shell commands for admins to use |
| Status codes | Warnings and errors returned by APIs |
Schedule a meaningful demo
Book a demo with an expert who will help you build meaningful systems that match your ambitions