Onegini Identity Cloud fundamentals

Standards & Certifications

When you are looking for a new CIAM solution, quality matters. After all, the CIAM platform you choose is uniquely placed to make a difference for your internal organization as well as your customers’ experience on your online platforms. There are many aspects to consider, but quality is usually a top priority – as it should be. Onegini aims to deliver the highest quality with its CIAM platform Onegini Identity Cloud. To guarantee this quality level, we subscribe to various standards set by relevant industry bodies, and we have internationally renowned certifications.

  • icon
    Support for modern standards
  • icon
    SOC2 certified
  • icon
    ISO/IEC 27001 certified
  • icon
    Certified by the Secure Software Alliance

Security standards

Onegini Identity Cloud was developed for the financial services sector. That means our clients deal with highly sensitive personal information, not to mention the security and privacy requirements imposed by industry regulators. That is why Onegini Identity Cloud provides all the security measures you need in virtually every conceivable situation. You can layer and combine security measures as you see fit without getting in the way of the customer journey. Onegini Identity Cloud uses a non-intrusive and lightweight solution to protect your REST APIs. We implement our solution using renowned open standards such as OpenID Connect, OAuth 2.0 and SAML 2.0. And we’re not just saying that: Onegini is certified by the Secure Software Alliance (SSA), which assesses the security of software using the independent standards from the Framework for Secure Software. 

businessman hand pointing to padlock on touch screen computer as Internet security online business concept

SOC2 Type 2

After reaching SOC21 compliance in 2019, Onegini became SOC2 Type 2 compliant in 2021. Onegini is the only CIAM vendor in Europe with a SOC2 compliance certification. 

SOC2 is an international standard which focusses specifically on the services provided IT service providers. The SOC2 report is more extensive than most other traditional certifications like ISO 27002, because those traditional certifications only focus on the design of processes and internal controls, instead of the operating effectiveness. Also, our SOC2 report is about our CIAM solution, not just about our generic internal security management system.

Find out more

ISO/IEC 27001

Onegini has been ISO/IEC 27001 certified since 2019. This proves that our organization complies with all of the ISO standards for securing information assets, both in our business and in the products we deliver. The certification shows that we are able to manage the security of highly sensitive data, including financial information, intellectual property, employee’s personal data and information from external parties. For our SaaS solution, we have teamed up with Amazon Web Service (AWS). The AWS infrastructure our product uses is ISO 27001, ISO 27018 en PCI DSS certified. On top of that, it also complies with the ISAE 3402 standard.

ISO certification