Standards and certification

Exposing your systems and database directly to the internet may sound scary, but there is no need to worry: Onegini Connect has a secure solution. Without compromising on speed or user experience.

Key points
  • Security and GDPR compliance


  • Integrations

Safe internet exposure for mobile APIs

To provide a smooth customer experience, you will need to allow your apps and online platforms access to your database. This presents an inherent risk, because your data is now interacting with the internet. Luckily, there is a secure solution. Onegini Connect uses a lightweight, non-intrusive solution to protect your REST APIs, designed to facilitate a secure and effortless connection between your company to the online world. We implement our solution using open standards like OpenID Connect, OAuth 2.0, SAML 2.0 and more.

Secure token management

The Onegini Token Server provides a secure solution for token management. It manages authorizations and resource access in compliance with the OAuth 2.0 and OpenID Connect standards. The server is OpenID Connect certified and can easily be plugged into your current infrastructure and will cooperate with existing authentication services for minimum disruption to your processes.

ISO/IEC 27001 certification

Since 2019, Onegini is ISO/IEC 27001 certified. This certification proves that Onegini complies with all the standards set by the International Organization for Standardization (ISO) to keep information assets secure in both our business and production environment.

With this certification, Onegini shows the ability to manage the security of assets such as financial information, intellectual property, employee details or information entrusted to us by third parties.

ISO mockup screenshot

Certified by the Secure Software Alliance

Onegini is certified by the Secure Software Alliance (SSA). The SSA assesses the security of software using the Framework for Secure Software, which defines an independent standard for secure software development. This helps development teams implement secure practices and provides criteria for inspectors and buyers to evaluate the software security.


Curious about our standards?

We’re happy to tell you all about them. Please feel free to contact us or check out or technical docs for more information!