> For the complete documentation index, see [llms.txt](https://book.konstantinsecurity.com/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://book.konstantinsecurity.com/readme/architect/identity-and-access-management-idm/sso/openig.md). # OpenIG ## OpenIG [30845478](https://gitlab.com/johnmkane/tech-recipe-book/-/blob/main/Book/Architect/Identity%20and%20Access%20Management%20\(IDM\)/SSO/OpenIG/OpenIG/30845478/README.md) ## [OpenIG](https://github.com/OpenIdentityPlatform/OpenIG) The Open Identity Gateway (OpenIG) is a high-performance reverse proxy server with specialized session management and credential replay functionality. OpenIG is an independent policy enforcement point that reduces the proliferation of passwords and ensures consistent, secure access across multiple web apps and APIs. OpenIG can leverage any standards-compliant identity provider to integrate into your current architecture. Single sign-on and sign-off improves the user experience and will vastly improve adoption rates and consumption of services provided. * Extend SSO to any Application * Federate Enabling Applications * Implement Standards Based Policy Enforcement #### How it Works OpenIG is essentially a Java-based reverse proxy which runs as a web application. All HTTP traffic to each protected application is routed through OpenIG, enabling close inspection, transformation and filtering of each request. You can create new filters and handlers to modify the HTTP requests on their way through OpenIG, providing the ability to recognize login pages, submit login forms, transform or filter content, and even function as a Federation endpoint for the application. All these features are possible without making any changes to the application’s deployment container or the application itself. OpenIG works together with [OpenAM](https://www.openidentityplatform.org/openam) to integrate Web applications without the need to modify the target application or the container that it runs in. * Support for identity standards ([OAuth 2.0](https://tools.ietf.org/html/rfc6749), [OpenID Connect](http://openid.net/specs/openid-connect-core-1_0.html), [SAML 2.0](http://saml.xml.org/saml-specifications)) * Application and API gateway concept * Prepackaged SAML 2.0-based federation * Password capture and replay * Works with any identity provider, including OpenAM * Single Sign-On and Single Log-Out Useful links: --- # Agent Instructions This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com. ## Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter, and the optional `goal` query parameter: ``` GET https://book.konstantinsecurity.com/readme/architect/identity-and-access-management-idm/sso/openig.md?ask=&goal= ``` `ask` is the immediate question: it should be specific, self-contained, and written in natural language. `goal` is optional and describes the broader end goal you are ultimately trying to accomplish on behalf of the user. GitBook uses it to tailor the answer towards what is most useful for that goal. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.