How Rimo3 Dual-Auth Works: Entra ID & Local Identity Flow
In today’s zero-trust security landscape, identity is the new perimeter. At Rimo3, securing our users' access to applications and services isn’t just about protecting data -- it's about delivering a seamless, scalable, and flexible authentication experience. That’s why we’ve architected our Identity and Access Management (IAM) system with two robust authentication flows:
- Federated authentication via Microsoft Entra ID (formerly Azure AD)
- Direct login using Rimo3-managed local credentials
Both flows leverage a centralized authentication broker we're calling Rimo3 Identity, built on standards-compliant Identity Server, while allowing organizations to align with their preferred identity strategy.
Flow 1: How Does Enterprise SSO via Microsoft Entra ID Work?
Our primary and recommended authentication flow integrates with Microsoft Entra ID, enabling enterprise-level identity governance, security policies, and Single Sign-On (SSO). This is ideal for organizations with an established Microsoft 365 or Azure ecosystem.
🔧 Technical Flow Breakdown
- The user opens a browser and navigates to a secure Rimo3 application (e.g., https://patch.rimo3cloud.com).
- The app redirects the authentication request to https://identity.rimo3cloud.com (Rimo3 Identity).
- Rimo3 Identity initiates a federated login with Microsoft Entra.
- The user is redirected to Microsoft Entra ID to sign in.
- The user enters corporate credentials and optionally satisfies MFA requirements.
- If required, the user consents to permissions requested by Rimo3.
- Microsoft Entra issues an access token, which is sent back to Rimo3 Identity.
- Rimo3 Identity validates the token and issues a Rimo3-specific access token.
- The token is passed to the Rimo3 application.
- The app validates the Rimo3 token and grants access.
- Secure content is rendered in the user’s browser.
✅ Advantages
- Enterprise Policy Enforcement: Supports MFA, conditional access, role-based control.
- Seamless User Experience: Enables SSO across Rimo3 and other Entra-integrated apps.
- Centralized Identity Management: No password storage or handling by Rimo3.
- OpenID Connect and OAuth 2.0 compliant.
🧠 Use Case
An enterprise customer with Microsoft 365 integration wants their employees to use their existing Entra ID credentials to access Rimo3's services, ensuring seamless integration with internal security policies.
Flow 2: Authentication via Rimo3 Local Identity
While Entra ID is recommended, we also support local authentication, ensuring flexibility for smaller customers, partners, or internal scenarios that do not rely on federated identity providers.
🔧 Technical Flow Breakdown
- The user opens a browser and navigates to https://basecamp.rimo3cloud.com.
- The application redirects the user to Rimo3 Identity.
- The user selects the local login option.
- The user enters credentials directly into the Rimo3 Identity login form.
- Rimo3 Identity authenticates the user using internal user storage and best-practice password policies.
- Upon success, Rimo3 Identity issues an access token.
- The Rimo3 application validates the token.
- Secure content is displayed to the user.
🔒 Security Highlights
- NIST-Recommended Password Policies: Minimum 15-character passwords and complexity enforcement (uppercase, lowercase, numbers, special characters).
- Secure Password Storage: Passwords are stored as salted hashes produced by strong cryptographic hashing algorithms.
- Brute-force Protection: Throttling, lockout policies, and anomaly detection.
- Credential Hygiene: Periodic password rotation is encouraged.
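One way the local-login checks listed above could fit together, as an added example rather than Rimo3's implementation. PBKDF2-HMAC-SHA256, the iteration count, the lockout numbers and the `LocalStore` class are assumptions; only the 15-character minimum and the four character classes come from the page.

```python
import hashlib, hmac, os, string

MIN_LENGTH = 15          # minimum length stated on the page
ITERATIONS = 600_000     # assumed PBKDF2 work factor; the page names no algorithm
MAX_FAILURES = 5         # assumed lockout threshold; the page gives no number
LOCKOUT_SECONDS = 900    # assumed lockout window
CLASSES = {"uppercase": string.ascii_uppercase, "lowercase": string.ascii_lowercase,
           "number": string.digits, "special": string.punctuation}

def policy_errors(password):
    """List every rule of the stated policy that the password breaks."""
    errors = [f"missing {name}" for name, chars in CLASSES.items()
              if not any(c in chars for c in password)]
    return errors + (["too short"] if len(password) < MIN_LENGTH else [])

def derive(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)

class LocalStore:
    """Hypothetical in-memory user store with failure counting and lockout."""
    def __init__(self):
        self.users = {}      # name -> (salt, derived key); no plaintext is kept
        self.failures = {}   # name -> (consecutive failures, time of last one)

    def register(self, name, password):
        errors = policy_errors(password)
        if errors:
            raise ValueError(", ".join(errors))
        salt = os.urandom(16)                 # fresh random salt per user
        self.users[name] = (salt, derive(password, salt))

    def login(self, name, password, now):
        count, last = self.failures.get(name, (0, 0.0))
        if count >= MAX_FAILURES and now - last < LOCKOUT_SECONDS:
            return "locked"                   # refuse before doing any hashing
        # Unknown users still cost one derivation, so timing does not reveal them.
        salt, stored = self.users.get(name, (b"\0" * 16, b""))
        if hmac.compare_digest(derive(password, salt), stored):
            self.failures.pop(name, None)
            return "ok"
        recent = now - last < LOCKOUT_SECONDS
        self.failures[name] = (count + 1 if recent else 1, now)
        return "denied"
```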
🧠 Use Case
A small business partner wants to access Rimo3 without integrating Entra or other IdPs. Local credentials provide a quick and secure option.
Key Takeaways: Rimo3 Dual-Auth Architecture
By supporting both federated and local authentication, Rimo3 empowers customers to adopt the security posture that best aligns with their business needs. Our integration with Microsoft Entra ID ensures scalable, enterprise-grade authentication, while our local identity option provides flexible access without compromising on security.
Whether you're managing thousands of identities or just a handful, Rimo3’s IAM architecture has you covered—with security, compliance, and user experience at the forefront.
Have questions about our security initiatives or want to learn more about our integration with Microsoft Entra? Contact us!
FAQs: Dual Authentication & Entra ID Integration
What is Rimo3’s dual-authentication architecture?
A two-flow IAM system offering federated Entra ID SSO and local credential login via our Rimo3 Identity broker.
How does Entra ID integration improve security?
It leverages Entra ID (formerly Azure AD) policies (MFA, conditional access, RBAC) and OpenID Connect to provide enterprise-grade identity governance.
When should I use local authentication?
For SMBs, partners, test/dev environments, or scenarios without an external IdP—ensuring secure access with NIST-based policies.
How is user data protected in local login?
Credentials are stored with salted cryptographic hashes; brute-force throttling and periodic rotation enforce hygiene.
Can Rimo3 Identity support other IdPs?
Yes—our Identity broker is pluggable and standards-compliant, supporting any OpenID Connect or SAML 2.0 provider.