Secure authentication reimagined – OIDC on the flexmobility platform
Introduction
As business processes become increasingly digitalised, it is not only the importance of business apps that is growing – but also the demands placed on identity and access security.
Today, users access applications from a wide variety of contexts: mobile, remote and across systems. At the same time, regulatory requirements such as NIS-2 and the threat landscape in the field of cybersecurity are on the rise.
Against this backdrop, we have added a key feature to the flexmobility platform:
support for OpenID Connect (OIDC) for secure and standardised authentication.
What is OpenID Connect (OIDC)?
OpenID Connect is an open authentication protocol based on OAuth 2.0 that enables applications to securely verify a user’s identity. [microsoft.com], [de.wikipedia.org]
Unlike OAuth alone (authorisation), OIDC answers the crucial question:
Who is the user?
Authentication takes place via a central identity provider (e.g. Azure AD, Keycloak or other IAM systems), which verifies the user’s identity and passes this information to applications via secure tokens. [ibm.com]
Why is OIDC crucial for modern business apps?
Centralised identity management instead of password chaos
Users log in once and gain access to multiple applications (single sign-on). [tools4ever.de]
👉 Advantage:
- no multiple logins
- reduced password risks
- greater user acceptance
🛡️ Greater security through proven standards
OIDC relies on:
- signed tokens (e.g. JWT)
- standardised authentication processes
- centralised control over access rights
👉 This reduces the attack surface and enhances security across the entire system.
🔗 Seamless integration into existing IT environments
OIDC is now the de facto standard for Identity & Access Management.
👉 Result:
- Easy connection to existing providers
- Integration into cloud and on-premises environments
- Cross-platform usage (web, mobile, APIs) [auth0.com]
OIDC on the flexmobility platform
With the integration of OpenID Connect, the flexmobility platform offers a modern authentication solution that integrates seamlessly into existing security architectures.
✅ Centralised authentication via identity providers
- Login is via existing corporate identities
- No separate user accounts required
✅ Integration of APIs and systems
In the context of an authenticated user, targeted API calls can be made – tailored to roles and permissions within the identity provider.👉 This enables:
- consistent access control
- secure communication between systems
- clear separation of identity and application
✅ Single sign-on for business apps
Users access multiple applications with a single login – ideal for complex process landscapes.
✅ Foundation for compliance and NIS-2
Through the central management of identities and access, OIDC significantly supports:
- traceability of access
- Reduction of security risks
- Integration into overarching security concepts
Why OIDC is particularly well suited to native business apps
It is particularly when used in conjunction with native applications that OIDC reveals its full potential:
- reliable authentication even in complex scenarios
- secure token-based communication
- optimal integration into mobile workflows
As modern applications increasingly rely on APIs and distributed systems, a standardised identity layer becomes a key component of the entire architecture. Unlike with web apps, this identity layer can be securely managed and used within a native app.
Conclusion
With the integration of OpenID Connect, the flexmobility platform is taking a decisive step towards:
✔ greater security
✔ greater control
✔ greater future-proofing
At a time when applications are becoming a critical component of business processes, clear and secure user identification is no longer an option – it is a prerequisite.
With OIDC, we are introducing further features for secure, scalable and integrated business apps.