What is upstream authentication?

Upstream authentication is a security method used to protect web applications from unauthorized access. With this method, the user is authenticated before accessing the actual application. This means that the user must confirm their identity before accessing the application.

This authentication is typically carried out by an upstream instance such as a Web Application Firewall (WAF) or a reverse proxy. Before a request from a user is forwarded to the actual web application, the upstream authentication method checks the user's access authorization. This can be done, for example, by verifying the username and password or by other authentication methods.

The main advantage of upstream authentication is that it protects the web application from attacks by unknown attackers as only authenticated users are granted access. Additionally, delegating authentication to an upstream entity enables the implementation of single sign-on scenarios across multiple web applications, improving usability and security. In addition, the authentication processes do not have to be developed and implemented separately for each application. Application developers can concentrate on the business logic.

Airlock Secure Access Hub offers upstream authentication as part of its security features. Through a dynamic whitelist filtering method, Airlock effectively protects web applications from unauthorized access and enables the implementation of single sign-on across multiple applications. Find out more about the upstream authentication functions of Airlock Secure Access Hub at the following link: Airlock Secure Access Hub - Upstream authentication.

Information for you

-Our whitepapers-

Executive View: KuppingerCole - Airlock Secure Access Hub for applications and APIs

This KuppingerCole Executive View report provides an architectural and functional overview of the Airlock Secure Access Hub, an integrated platform for secure access management - a multicloud-native security tool for web applications, APIs and beyond.

 

Fill out the form now and receive Executive View!

Whitepaper: Security for cloud-native applications

You can read about how companies can ensure the security of web applications and APIs in Kubernetes in the white paper "Security for cloud-native applications", which was created in collaboration between heise and Airlock.

 

Request whitepaper

Whitepaper: Zero Trust is a journey

The ongoing digital transformation of the world is progressing and having a profound impact on our personal and professional lives in ways that were difficult to imagine just a few years ago.


This white paper discusses the effects of continuous digitalization and its impact.

Request free of charge

Off to DevSecOps

In this white paper, you will learn the most important insights into how you can implement DevSecOps successfully and efficiently, which security components are required for this and the advantages of a microgateway architecture.

 

Request free of charge

Airlock 2FA - Strong authentication. Simple.

Double security - this is what two-factor authentication offers in the field of IT security.


Find out more about strong authentication and the possibilities offered by Airlock in our white paper.

Download for free

Further whitepapers

We provide you with free white papers on these and other topics:

 

  • Successful IAM projects
  • compliance
  • Data protection (DSGVO)
  • Introduction of PSD2
  • PCI DSS requirementsPCI DSS requirements
Request free of charge