{"id":15224,"date":"2021-02-24T10:30:49","date_gmt":"2021-02-24T09:30:49","guid":{"rendered":"https:\/\/www.riskinsight-wavestone.com\/?p=15224"},"modified":"2021-02-22T11:01:12","modified_gmt":"2021-02-22T10:01:12","slug":"fapi-ciba-how-to-authenticate-my-user-without-an-interface","status":"publish","type":"post","link":"https:\/\/www.riskinsight-wavestone.com\/en\/2021\/02\/fapi-ciba-how-to-authenticate-my-user-without-an-interface\/","title":{"rendered":"FAPI-CIBA: How to authenticate my user without an interface?"},"content":{"rendered":"<p style=\"text-align: justify;\">Nowadays, access management and the security of APIs rely on the federation protocols OAuth2 and OpenID Connect. Both protocols natively cover a great many use cases, but they evolve regularly and come with extensions that address newer needs.<\/p>\n<p style=\"text-align: justify;\">In particular, with the explosion of the IoT and regulations such as DSP2 (PSD2), the need to trigger authentications decoupled from the device through which the user accesses the service is becoming more pressing: indeed, that device may not have the necessary interfaces, or may not be recognized as a sufficiently secure medium.<\/p>\n<p style=\"text-align: justify;\">The additional flow CIBA, <a href=\"https:\/\/openid.net\/specs\/openid-financial-api-ciba-ID1.html\">Client Initiated Backchannel Authentication Flow<\/a>, aims to define the exchanges and calls that allow such authentications to be triggered. 
This first article briefly describes the high-level operation of this flow and presents the benefits and additional use cases that it can cover.<\/p>\n<h2 style=\"text-align: justify;\">What is CIBA?<\/h2>\n<p style=\"text-align: justify;\">CIBA is a new authentication and authorization flow of the OpenID Connect standard, defined by the OpenID Foundation.<\/p>\n<p style=\"text-align: justify;\">The CIBA flow is the first OpenID flow described as \u201cdecoupled\u201d, because it introduces the notions of Consumption Device (CD) and Authentication Device (AD). The CD is the device from which access to a service (the Relying Party, RP) is requested, whereas the AD is the device on which the user authenticates with the OpenID Provider (OP) and authorizes the access requested by the CD, by giving their consent.<\/p>\n<figure id=\"post-15225 media-15225\" class=\"align-none\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter wp-image-15225 size-full\" src=\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2021\/02\/11.png\" alt=\"\" width=\"1180\" height=\"832\" srcset=\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2021\/02\/11.png 1180w, https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2021\/02\/11-271x191.png 271w, https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2021\/02\/11-55x39.png 55w, https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2021\/02\/11-768x542.png 768w\" sizes=\"auto, (max-width: 1180px) 100vw, 1180px\" \/><\/figure>\n<p style=\"text-align: justify;\">Contrary to the other flows of the OIDC standard, CIBA considers that the user can authenticate on a device different from the one on which they want to access the service. 
For example, a user wants to access their bank account from their computer and authenticates on their smartphone to authorize that access.<\/p>\n<h2 style=\"text-align: justify;\">What contributions?<\/h2>\n<p style=\"text-align: justify;\">The CIBA flow offers several significant benefits for user authentication.<\/p>\n<p style=\"text-align: justify;\">Today\u2019s OIDC authentication flows rely on web redirections between the accessed service (Relying Party) and the identity provider. These redirections are not very user-friendly and can be disturbing for users, who see their browser or application jump from one page to another without really understanding why. With CIBA, the device that the user employs to access the service stays on that service\u2019s page, waiting for the authentication to be completed on the AD. Removing the redirections also improves acceptance by the Relying Party, which no longer loses control and visibility of the user\u2019s actions when the user has to authenticate with the OP.<\/p>\n<figure id=\"post-15227 media-15227\" class=\"align-none\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter wp-image-15227 size-full\" src=\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2021\/02\/12.png\" alt=\"\" width=\"1472\" height=\"664\" srcset=\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2021\/02\/12.png 1472w, https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2021\/02\/12-423x191.png 423w, https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2021\/02\/12-71x32.png 71w, https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2021\/02\/12-768x346.png 768w, https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2021\/02\/12-730x330.png 730w\" sizes=\"auto, (max-width: 1472px) 100vw, 1472px\" \/><\/figure>\n<p style=\"text-align: center;\">Gains by 
population<\/p>\n<p style=\"text-align: justify;\">Multi-factor authentication (MFA) is increasingly common and recommended for accessing internet services. Text messages, soft tokens and out-of-band push notifications are examples of additional authentication factors used today alongside a password. With CIBA, this factor is a natural part of the authentication, since it is carried out on a registered device, the AD. Asking users to authenticate on the AD with a password, a PIN, a biometric factor, etc. centralizes the authentication actions on a single device while providing MFA.<\/p>\n<h2 style=\"text-align: justify;\">Use case examples<\/h2>\n<p style=\"text-align: justify;\"><strong>The call centre<\/strong><\/p>\n<p style=\"text-align: justify;\">Nowadays, when a client calls a call centre, the operator often verifies the client\u2019s identity with several personal questions (date and place of birth, social security number) or with security questions. 
This authentication method is particularly vulnerable to attacks such as social engineering.<\/p>\n<p style=\"text-align: justify;\">Thanks to CIBA, the operator can trigger an authentication request on the caller\u2019s Authentication Device, and thus ascertain the client\u2019s identity in a more secure fashion.<img loading=\"lazy\" decoding=\"async\" class=\"aligncenter wp-image-15231 size-full\" src=\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2021\/02\/14.png\" alt=\"\" width=\"1258\" height=\"855\" srcset=\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2021\/02\/14.png 1258w, https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2021\/02\/14-281x191.png 281w, https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2021\/02\/14-57x39.png 57w, https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2021\/02\/14-768x522.png 768w\" sizes=\"auto, (max-width: 1258px) 100vw, 1258px\" \/><\/p>\n<p style=\"text-align: justify;\"><strong>Virtual assistants<\/strong><\/p>\n<p style=\"text-align: justify;\">DSP2 requires banking organisations to ascertain the identity of the person carrying out an operation above a certain threshold, which necessarily involves an authentication phase (2 factors) during a transfer, for example. However, IoT devices such as voice assistants have no interface allowing the user to enter their credentials, and force the customer to validate a transfer request on a web portal from their smartphone or PC, which is not the ideal user experience. 
CIBA frees them from this constraint, because the customer\u2019s bank can then send an authentication request to the appropriate device (the AD), limiting the impression of a break in the journey for the customer.<\/p>\n<p style=\"text-align: justify;\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter wp-image-15229 size-full\" src=\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2021\/02\/13.png\" alt=\"\" width=\"1267\" height=\"851\" srcset=\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2021\/02\/13.png 1267w, https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2021\/02\/13-284x191.png 284w, https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2021\/02\/13-58x39.png 58w, https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2021\/02\/13-768x516.png 768w\" sizes=\"auto, (max-width: 1267px) 100vw, 1267px\" \/><\/p>\n<h2 style=\"text-align: justify;\">Conclusion<\/h2>\n<p style=\"text-align: justify;\">The CIBA authentication flow fills real gaps in the OpenID Connect protocol, both in functional coverage and in customer experience. Its deployment in the real world should happen quickly, and numerous market players are already looking to implement it.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Nowadays, access management and the security of APIs rely on the federation protocols OAuth2 and OpenID Connect. Both protocols natively cover a great many use cases, but they evolve regularly and come with extensions that address newer needs. 
In&#8230;<\/p>\n","protected":false},"author":1267,"featured_media":15211,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"page-templates\/tmpl-one.php","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[2777,3272],"tags":[3006,3823,3821,2827,3822,3820],"coauthors":[2756,3815],"class_list":["post-15224","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity-digital-trust","category-digital-identity-en","tag-authentication","tag-ciba-en","tag-fapi","tag-identity","tag-oidc-en","tag-open-id-connect"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.0 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>FAPI-CIBA: How to authenticate my user without an interface? - RiskInsight<\/title>\n<meta name=\"description\" content=\"Nowadays, access management and security concept of APIs are inherent to federation protocols OAuth2 and OpenID Connect. Both protocols natively cover a great deal of use cases, but regularly evolve and come with complements to address more innovative subjects.In particular, with the explosion of the IoT and regulations such as DSP2, the need to trigger uncorrelated authentications from the user\u2019s medium access become more pressing: indeed, the later may not have the necessary interfaces, or may not be recognized as a sufficiently secured support.The additional cinematic CIBA, Client Initiated Backchannel Authentication Flow aims to define the exchanges and calls allowing to trigger such authentications. 
This first article aims to briefly describe the high-level operation of this cinematic, and to present the contributions and additional use cases that it can cover.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.riskinsight-wavestone.com\/en\/2021\/02\/fapi-ciba-how-to-authenticate-my-user-without-an-interface\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"FAPI-CIBA: How to authenticate my user without an interface? - RiskInsight\" \/>\n<meta property=\"og:description\" content=\"Nowadays, access management and security concept of APIs are inherent to federation protocols OAuth2 and OpenID Connect. Both protocols natively cover a great deal of use cases, but regularly evolve and come with complements to address more innovative subjects.In particular, with the explosion of the IoT and regulations such as DSP2, the need to trigger uncorrelated authentications from the user\u2019s medium access become more pressing: indeed, the later may not have the necessary interfaces, or may not be recognized as a sufficiently secured support.The additional cinematic CIBA, Client Initiated Backchannel Authentication Flow aims to define the exchanges and calls allowing to trigger such authentications. 
This first article aims to briefly describe the high-level operation of this cinematic, and to present the contributions and additional use cases that it can cover.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.riskinsight-wavestone.com\/en\/2021\/02\/fapi-ciba-how-to-authenticate-my-user-without-an-interface\/\" \/>\n<meta property=\"og:site_name\" content=\"RiskInsight\" \/>\n<meta property=\"article:published_time\" content=\"2021-02-24T09:30:49+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2021\/02\/Fotolia_60161963_Subscription_Monthly_XXL-Smartphone-addiction-concept\u00a9-venim-Copie.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"2560\" \/>\n\t<meta property=\"og:image:height\" content=\"2560\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"David Martinache, Thomas Paquelier\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"David Martinache, Thomas Paquelier\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. 
reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/2021\/02\/fapi-ciba-how-to-authenticate-my-user-without-an-interface\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/2021\/02\/fapi-ciba-how-to-authenticate-my-user-without-an-interface\/\"},\"author\":{\"name\":\"David Martinache\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/person\/c2eed2ef6c1db74269aa80df1592b52e\"},\"headline\":\"FAPI-CIBA: How to authenticate my user without an interface?\",\"datePublished\":\"2021-02-24T09:30:49+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/2021\/02\/fapi-ciba-how-to-authenticate-my-user-without-an-interface\/\"},\"wordCount\":753,\"publisher\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/2021\/02\/fapi-ciba-how-to-authenticate-my-user-without-an-interface\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2021\/02\/Fotolia_60161963_Subscription_Monthly_XXL-Smartphone-addiction-concept\u00a9-venim-Copie.jpg\",\"keywords\":[\"authentication\",\"CIBA\",\"FAPI\",\"identity\",\"OIDC\",\"Open ID Connect\"],\"articleSection\":[\"Cybersecurity &amp; Digital Trust\",\"Digital Identity\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/2021\/02\/fapi-ciba-how-to-authenticate-my-user-without-an-interface\/\",\"url\":\"https:\/\/www.riskinsight-wavestone.com\/en\/2021\/02\/fapi-ciba-how-to-authenticate-my-user-without-an-interface\/\",\"name\":\"FAPI-CIBA: How to authenticate my user without an interface? 
- RiskInsight\",\"isPartOf\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/2021\/02\/fapi-ciba-how-to-authenticate-my-user-without-an-interface\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/2021\/02\/fapi-ciba-how-to-authenticate-my-user-without-an-interface\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2021\/02\/Fotolia_60161963_Subscription_Monthly_XXL-Smartphone-addiction-concept\u00a9-venim-Copie.jpg\",\"datePublished\":\"2021-02-24T09:30:49+00:00\",\"description\":\"Nowadays, access management and security concept of APIs are inherent to federation protocols OAuth2 and OpenID Connect. Both protocols natively cover a great deal of use cases, but regularly evolve and come with complements to address more innovative subjects.In particular, with the explosion of the IoT and regulations such as DSP2, the need to trigger uncorrelated authentications from the user\u2019s medium access become more pressing: indeed, the later may not have the necessary interfaces, or may not be recognized as a sufficiently secured support.The additional cinematic CIBA, Client Initiated Backchannel Authentication Flow aims to define the exchanges and calls allowing to trigger such authentications. 
This first article aims to briefly describe the high-level operation of this cinematic, and to present the contributions and additional use cases that it can cover.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/2021\/02\/fapi-ciba-how-to-authenticate-my-user-without-an-interface\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.riskinsight-wavestone.com\/en\/2021\/02\/fapi-ciba-how-to-authenticate-my-user-without-an-interface\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/2021\/02\/fapi-ciba-how-to-authenticate-my-user-without-an-interface\/#primaryimage\",\"url\":\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2021\/02\/Fotolia_60161963_Subscription_Monthly_XXL-Smartphone-addiction-concept\u00a9-venim-Copie.jpg\",\"contentUrl\":\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2021\/02\/Fotolia_60161963_Subscription_Monthly_XXL-Smartphone-addiction-concept\u00a9-venim-Copie.jpg\",\"width\":2560,\"height\":2560,\"caption\":\"Vector man wearing glasses in flat style - smartphone addiction concept\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/2021\/02\/fapi-ciba-how-to-authenticate-my-user-without-an-interface\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Accueil\",\"item\":\"https:\/\/www.riskinsight-wavestone.com\/en\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"FAPI-CIBA: How to authenticate my user without an interface?\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#website\",\"url\":\"https:\/\/www.riskinsight-wavestone.com\/en\/\",\"name\":\"RiskInsight\",\"description\":\"The cybersecurity &amp; digital trust blog by Wavestone&#039;s 
consultants\",\"publisher\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.riskinsight-wavestone.com\/en\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#organization\",\"name\":\"Wavestone\",\"url\":\"https:\/\/www.riskinsight-wavestone.com\/en\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2021\/08\/Monogramme\u2013W\u2013NEGA-RGB-50x50-1.png\",\"contentUrl\":\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2021\/08\/Monogramme\u2013W\u2013NEGA-RGB-50x50-1.png\",\"width\":50,\"height\":50,\"caption\":\"Wavestone\"},\"image\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/logo\/image\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/person\/c2eed2ef6c1db74269aa80df1592b52e\",\"name\":\"David Martinache\",\"url\":\"https:\/\/www.riskinsight-wavestone.com\/en\/author\/david-martinache\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"FAPI-CIBA: How to authenticate my user without an interface? - RiskInsight","description":"Nowadays, access management and security concept of APIs are inherent to federation protocols OAuth2 and OpenID Connect. 
Both protocols natively cover a great deal of use cases, but regularly evolve and come with complements to address more innovative subjects.In particular, with the explosion of the IoT and regulations such as DSP2, the need to trigger uncorrelated authentications from the user\u2019s medium access become more pressing: indeed, the later may not have the necessary interfaces, or may not be recognized as a sufficiently secured support.The additional cinematic CIBA, Client Initiated Backchannel Authentication Flow aims to define the exchanges and calls allowing to trigger such authentications. This first article aims to briefly describe the high-level operation of this cinematic, and to present the contributions and additional use cases that it can cover.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.riskinsight-wavestone.com\/en\/2021\/02\/fapi-ciba-how-to-authenticate-my-user-without-an-interface\/","og_locale":"en_US","og_type":"article","og_title":"FAPI-CIBA: How to authenticate my user without an interface? - RiskInsight","og_description":"Nowadays, access management and security concept of APIs are inherent to federation protocols OAuth2 and OpenID Connect. Both protocols natively cover a great deal of use cases, but regularly evolve and come with complements to address more innovative subjects.In particular, with the explosion of the IoT and regulations such as DSP2, the need to trigger uncorrelated authentications from the user\u2019s medium access become more pressing: indeed, the later may not have the necessary interfaces, or may not be recognized as a sufficiently secured support.The additional cinematic CIBA, Client Initiated Backchannel Authentication Flow aims to define the exchanges and calls allowing to trigger such authentications. 
This first article aims to briefly describe the high-level operation of this cinematic, and to present the contributions and additional use cases that it can cover.","og_url":"https:\/\/www.riskinsight-wavestone.com\/en\/2021\/02\/fapi-ciba-how-to-authenticate-my-user-without-an-interface\/","og_site_name":"RiskInsight","article_published_time":"2021-02-24T09:30:49+00:00","og_image":[{"width":2560,"height":2560,"url":"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2021\/02\/Fotolia_60161963_Subscription_Monthly_XXL-Smartphone-addiction-concept\u00a9-venim-Copie.jpg","type":"image\/jpeg"}],"author":"David Martinache, Thomas Paquelier","twitter_misc":{"Written by":"David Martinache, Thomas Paquelier","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/2021\/02\/fapi-ciba-how-to-authenticate-my-user-without-an-interface\/#article","isPartOf":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/2021\/02\/fapi-ciba-how-to-authenticate-my-user-without-an-interface\/"},"author":{"name":"David Martinache","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/person\/c2eed2ef6c1db74269aa80df1592b52e"},"headline":"FAPI-CIBA: How to authenticate my user without an interface?","datePublished":"2021-02-24T09:30:49+00:00","mainEntityOfPage":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/2021\/02\/fapi-ciba-how-to-authenticate-my-user-without-an-interface\/"},"wordCount":753,"publisher":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#organization"},"image":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/2021\/02\/fapi-ciba-how-to-authenticate-my-user-without-an-interface\/#primaryimage"},"thumbnailUrl":"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2021\/02\/Fotolia_60161963_Subscription_Monthly_XXL-Smartphone-addiction-concept\u00a9-venim-Copie.jpg","keywords":["authentication","CIBA","FAPI","identity","OIDC","Open ID 
Connect"],"articleSection":["Cybersecurity &amp; Digital Trust","Digital Identity"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/2021\/02\/fapi-ciba-how-to-authenticate-my-user-without-an-interface\/","url":"https:\/\/www.riskinsight-wavestone.com\/en\/2021\/02\/fapi-ciba-how-to-authenticate-my-user-without-an-interface\/","name":"FAPI-CIBA: How to authenticate my user without an interface? - RiskInsight","isPartOf":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/2021\/02\/fapi-ciba-how-to-authenticate-my-user-without-an-interface\/#primaryimage"},"image":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/2021\/02\/fapi-ciba-how-to-authenticate-my-user-without-an-interface\/#primaryimage"},"thumbnailUrl":"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2021\/02\/Fotolia_60161963_Subscription_Monthly_XXL-Smartphone-addiction-concept\u00a9-venim-Copie.jpg","datePublished":"2021-02-24T09:30:49+00:00","description":"Nowadays, access management and security concept of APIs are inherent to federation protocols OAuth2 and OpenID Connect. Both protocols natively cover a great deal of use cases, but regularly evolve and come with complements to address more innovative subjects.In particular, with the explosion of the IoT and regulations such as DSP2, the need to trigger uncorrelated authentications from the user\u2019s medium access become more pressing: indeed, the later may not have the necessary interfaces, or may not be recognized as a sufficiently secured support.The additional cinematic CIBA, Client Initiated Backchannel Authentication Flow aims to define the exchanges and calls allowing to trigger such authentications. 
This first article aims to briefly describe the high-level operation of this cinematic, and to present the contributions and additional use cases that it can cover.","breadcrumb":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/2021\/02\/fapi-ciba-how-to-authenticate-my-user-without-an-interface\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.riskinsight-wavestone.com\/en\/2021\/02\/fapi-ciba-how-to-authenticate-my-user-without-an-interface\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/2021\/02\/fapi-ciba-how-to-authenticate-my-user-without-an-interface\/#primaryimage","url":"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2021\/02\/Fotolia_60161963_Subscription_Monthly_XXL-Smartphone-addiction-concept\u00a9-venim-Copie.jpg","contentUrl":"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2021\/02\/Fotolia_60161963_Subscription_Monthly_XXL-Smartphone-addiction-concept\u00a9-venim-Copie.jpg","width":2560,"height":2560,"caption":"Vector man wearing glasses in flat style - smartphone addiction concept"},{"@type":"BreadcrumbList","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/2021\/02\/fapi-ciba-how-to-authenticate-my-user-without-an-interface\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Accueil","item":"https:\/\/www.riskinsight-wavestone.com\/en\/"},{"@type":"ListItem","position":2,"name":"FAPI-CIBA: How to authenticate my user without an interface?"}]},{"@type":"WebSite","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#website","url":"https:\/\/www.riskinsight-wavestone.com\/en\/","name":"RiskInsight","description":"The cybersecurity &amp; digital trust blog by Wavestone&#039;s 
consultants","publisher":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.riskinsight-wavestone.com\/en\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#organization","name":"Wavestone","url":"https:\/\/www.riskinsight-wavestone.com\/en\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/logo\/image\/","url":"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2021\/08\/Monogramme\u2013W\u2013NEGA-RGB-50x50-1.png","contentUrl":"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2021\/08\/Monogramme\u2013W\u2013NEGA-RGB-50x50-1.png","width":50,"height":50,"caption":"Wavestone"},"image":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/person\/c2eed2ef6c1db74269aa80df1592b52e","name":"David 
Martinache","url":"https:\/\/www.riskinsight-wavestone.com\/en\/author\/david-martinache\/"}]}},"_links":{"self":[{"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/posts\/15224","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/users\/1267"}],"replies":[{"embeddable":true,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/comments?post=15224"}],"version-history":[{"count":1,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/posts\/15224\/revisions"}],"predecessor-version":[{"id":15233,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/posts\/15224\/revisions\/15233"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/media\/15211"}],"wp:attachment":[{"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/media?parent=15224"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/categories?post=15224"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/tags?post=15224"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/coauthors?post=15224"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}