Certificate Based Authentication for DC:
A Success Story at JPMC

When JPMC went looking for a partner to assist them to reinforce the security of the Jira instance, we stepped in with our “Jira REST API Plugin.”

A powerhouse in the world of financial services, JPMorgan Chase & Co. (JPMC), the global leader offers investment and financial solutions to meet the needs of millions of its customers worldwide. With a diverse range of products and services, its commitment to corporate social responsibility has earned it a reputation as a forward thinking and a responsible financial institution.

Recognizing the inherent weaknesses of password-based authentication and the potential vulnerabilities it posed, JPMC sought to bolster the security of their JIRA instance. Their experience, prior to us, with several third-party applications that were integrated into their JIRA instance, and their own Jira architecture which is multi-layered secured with normal password-based authentication was just not suitable.

Adding to their concern was also the fact that the OAuth Provider which they were using, was not able to perform token-based authentication. JPMC’s quest for a more secure way to integrate their applications using their third-party OAuth provider ended with our “Jira REST API Add-on” that effectively addressed their concern and fulfilled their security requirements.

Well, our certificate-based authentication uses digital certificates to verify the identity of a user thus enhancing security. Internal and external Jira REST API calls are supported by third-party JWT-based authentication. Our approach made the difference as we verified the functionality with the new add-on and the login timestamp updated for FID making REST API calls as expected.

If you thought that’s the end, not really, as going the extra mile for our clients comes naturally to us, so even though initially, we did not offer support for their OAuth provider due to endpoint restrictions. We accommodated their request and made customizations to our REST API add-on according to their environment's needs. That’s how we work!

They achieved seamless and hassle-free third-party authentication for the multiple applications in their environment. We provided JPMC with a tailored solution to make script integration seamless and REST calls automated.

With miniOrange SSO, users were required to sign in just once to gain access to all of their authorized applications, no longer the need for multiple usernames and passwords. It resulted in an improved user productivity as the hassle of remembering multiple login credentials was eliminated.

Our addon made their whole instance more secure as passwords with fewer/minimal authentication were introduced. JPMC is just one among our many clients who have found the perfect solutions for their needs with us.

In addition to SSO, we also offer multi-factor authentication (MFA) to enhance security and protect against unauthorized access, supporting a wide range of authentication methods that includes biometric authentication, push notifications, SMS and email OTP, and hardware tokens.

You know what, our solution’s success at JPMC is something that we are really proud of as we are of all others, so we keep it short and sweet. But you, if you are here that means either you have a need or are just curious of what we offer. Take a minute and explore our marketplace. If not, reach out to us at +1 978 658 9387 or email info@xecurify.com for a demo, consultation, custom solutions or whatever’s on your mind we will figure out something that suits your needs.