Password-free authorization system

Based on user SSL certificates

Connect a website
Learn more about how it works...

Why do I need Authorizer?

There are at least 8 reasons to try it out

  • Secure

    There is no password transfer, meaning no risk of password interception

  • Convenient

    No need to fill any forms. Authorization requires a single click

  • Anonymous

    Your data isn't stored anywhere removing risks of data theft

  • Free

    The service is absolutely free for both users and website owners

  • Practical

    Everyday use of certificates saves a considerable amount of time and nerves

  • Advanced

    There is no place for passwords in the XXI century!

  • Flexible

    You can use SSL certificates in any browser and on any device, including smartphones and tablets.

  • For people

    Just like SSL certificates, Authorizer is meant for people. Bots can't use it yet meaning less spam for your website

How does it work?

Blockchain technologies and a bit of magic

Authorizer is a combination of field-tested OAuth2 and Emer blockchain technologies. The blockchain is used to store encrypted information about user certificates and virtual cards.

Workflow:

  1. User creates a certificate and registers it in blockchain
  2. Certificate is added to a device browser
  3. After clicking "Log in using Authorizer" on any website, the user is redirected to oauth.authorizer.io to authorize using SSL certificates
  4. We pass user's authorization token to the website using the OAuth2 protocol

In case of an emergency, a user can independently recall its certificate. This may be used in case of a device loss.

User can issue any number of certificates and use them at own discretion.

How to issue a certificate?

Three easy steps

The most secure option is to issue a certificate independently, using the Emer toolkit. This process requires specific technical knowledge but guarantees that no one will get access to the certificate.

Besides that, you can use an online service to generate a certificate. However, you will need to upload the certificate data to the blockchain.

General certificate issuing scheme:

  1. Generation of a certificate
  2. Upload of the certificate data to the blockchainн
  3. Addition of *.p12 certificate to a browser or a mobile device

How to connect your website?

A short instruction

//Create an application and get CLIENT ID and CLIENT_SECRET. 
//Don't forget to include REDIRECT_URI! 
//These preferences are application specific. 
//Here are the general parameters: 

//Authorization page
AUTH_PAGE = 'https://oauth.authorizer.io/oauth/v2/auth';

//Receiving a token
AUTH_TOKEN = 'https://oauth.authorizer.io/oauth/v2/token';

//Optional infocard data acquisition
INFOCARD_PAGE = 'https://oauth.authorizer.io/infocard';

Authorizer is a OAuth2 provider that works on standard principles. Service configuration is almost similar to any other OAuth provider:

  1. Create a certificate and authorize yourself on a website
  2. Add an application to receive Client Id and Secret
  3. Include authorization data on your website or configure a module for your CMS
Plugins are available for the following CMS
Create an application