IPV’s Curator Gateway provides authentication and user management for Curator users. Every time a user accesses a Curator application their login credentials are verified by the Curator Gateway to ensure the user has an active account and permission to use the Curator application they are accessing.

This solution brief describes the key features and benefits of the Curator Gateway.

Features

	Security Two-factor authentication (2FA) Single-sign-on (SSO) across Curator apps Password strength enforcement Secure HTTPS communication API routing for Curator services, allowing services to remain behind private subnet/DMZ firewalls
	Connectors Connect Curator Gateway to authentication providers including: Okta Microsoft Active Directory Microsoft AD FS Google Auth Any OpenID Connect authentication provider Or use Curator’s built-in user authentication option
	User Management Add and remove Curator users Deactivate and reactivate users without removing their account eg. freelancers Manage workgroups and user roles eg. logger, editor, administrator Find Curator apps quickly through the My Apps page Users can upload avatars to personalize their account Self sign-up option for users, optionally restricted by e-mail domain
	User Analytics Track interactions for individual users, including: Registration Login Logout Application use

Deployment architecture

Curator Gateway is available in Curator 3.0 Arrival or later and can be deployed on-premise or in the cloud as part of a full-cloud or hybrid-cloud architecture.

Curator Gateway’s security options also allow Curator’s services to be deployed inside a private subnet or DMZ with user requests routed through the Curator Gateway. This protects Curator’s services and ensures only authorized, authenticated users can make requests to Curator’s APIs.

The diagram below shows an example Curator Gateway deployment in a hybrid-cloud architecture.