Axiad Cloud – Certificate-Based Authentication for IAM

Additional Info

Company size (employees)50 to 99
Headquarters RegionNorth America
Type of solutionCloud/SaaS


Certificate-Based Authentication (CBA) enables users to authenticate with certificates directly to applications and browsers. As one of the most secure, phishing-resistant forms of multi-factor authentication (MFA), it is a powerful upgrade for enterprises and public sector agencies who rely on antiquated MFA approaches or have multiple IAM systems in place.

A key offering within Axiad Cloud, Axiad’s Certificate-Based Authentication for IAM (CBA for IAM) allows you to extend the capabilities of existing IAM systems (such as Azure AD, Okta, Ping Identity, and CyberArk) to provide passwordless, phishing-resistant MFA. CBA for IAM streamlines Authenticator (including Smart Cards or USB Keys) and Credential management while improving overall protection.

CBA for IAM overlays multiple IAM systems, use cases, and operating systems – including Microsoft Windows, Apple OS, and Linux – and helps organizations be more consistent and systematic in how they authenticate. In particular, Axiad supports Microsoft Azure AD certificate-based authentication (CBA), enabling Azure users to implement phishing-resistant MFA and migrate from legacy infrastructure to the cloud.

Leveraging the power of Axiad Cloud, CBA for IAM delivers operational and end-user benefits including streamlining workflows, managing credentials across their lifecycle and enabling end users to provision and reset credentials without IT involvement.

Axiad Cloud supports the widest range of credentials in the market, including FIDO, Windows Hello for Business, YubiKeys, smart cards, mobile MFA, TPM and biometrics, and more. It integrates authentication across complex IT environments – including Windows, Mac and Linux operating systems and multiple existing IAM systems – allowing organizations to eliminate gaps and become more programmatic in their overall cybersecurity practices.

Axiad Cloud is trusted by government agencies and Fortune 500 companies across highly regulated industries such as financial services and healthcare, as well as aerospace & defense, oil & energy, retail, manufacturing and more, with deployments as large as 140,000 users.

How we are different

Extends IAMs Consistently: Provisions and manages passwordless, phishing-resistant MFA authenticators and credentials seamlessly and consistently to existing IAM systems at scale. All entities are secured without using passwords or shared secrets so the authentication process is secure from end-to-end. Leverages an international standard X.509 certificate to interoperate across a broad range of vendor products.

Consolidates Credential Management: Credential Dashboard uniquely provides visibility into all end user authenticators, including Microsoft Authenticator, Windows Hello for Business, USB Keys, and more. IT can get a consolidated view of all the users MFA authenticators and manage them from one place.

Drives Efficiencies for IT and End Users: Replaces use of multiple tools for rollout, management, and support of authenticators and credentials. Supports a range of certificate request and delivery workflows. Axiad’s Airlock feature provides help desk automation by eliminating temporary passwords, automating administration, and enabling self-service credential management. Another feature, MyCircle, empowers self-service by enabling the workforce to issue department-level credential resets, thereby avoiding temporary passwords and increasing efficiency for IT and end users.