Skip to content

Jans Casa Documentation#

Overview#

Jans Casa ("Casa") is a self-service web portal for end-users to manage authentication and authorization preferences for their account in a Janssen Server.

For example, as people interact with an organization's digital services, they may need to:

  • Enroll, delete and manage two-factor authentication (2FA) credentials for their account (e.g. FIDO security keys, mobile apps, phone numbers, etc.)
  • Turn 2FA on and off
  • View and manage which external apps have been authorized to access what personal data
  • View trusted devices

Casa provides a platform for people to perform these account security functions and more in a friendly, straightforward manner.

Two-factor authentication#

The core use case for Casa is self-service 2FA. If people need to call the helpdesk every time they get a new phone or security key, supporting strong authentication becomes prohibitively expensive.

Out-of-the-box, Casa can be used to enroll and manage the following authenticators:

  • FIDO2 security keys like Yubikeys
  • Gluu's FIDO push-notification mobile app, Super Gluu
  • OTP hardware cards like these or dongles like these
  • OTP mobile apps like Google Authenticator, FreeOTP, etc.
  • Mobile phone numbers able to receive OTPs via SMS
  • Passwords

Additional authenticators and use cases can be supported via custom plugins.

2FA enrollment APIs#

To facilitate 2FA device enrollment during account registration, or elsewhere in an application ecosystem, Casa exposes APIs for enrolling the following types of authenticators:

  • Phone numbers for SMS OTP
  • OTP apps, cards, or dongles
  • FIDO security keys

Configuration via APIs#

Besides a comprehensive graphical admin console, application settings can also be manipulated by means of a configuration API.

Existing plugins#

Casa is a plugin-oriented, Java web application. Existing functionality can be extended and new functionality and APIs can be introduced through plugins. Currently, there are plugins available for the following:

If you are interested in onboarding additional authentication methods to Casa, read this guide.

User roles#

There are two types of users in Jans Casa:

  • Regular users: Any user in the Janssen Server

  • Admin users: Users having the CasaAdmin role

Admin users have access to the Casa admin console. All users can manage their 2FA credentials, as outlined in the user guide.

A user can be "turned" into an administrator by editing his profile - in TUI for instance - ensuring CasaAdmin is part of his role attribute.

Get started#

Use the following links to get started with Casa:

Admin Guide#

User Guide#

Developer guide#


Last update: 2024-11-29
Created: 2023-10-05