PortalGuard
PortalGuard (by BIO-key) is an IAM platform for standards-based SSO, MFA (including Identity-Bound Biometrics), and desktop login MFA on Windows/macOS. It supports SAML 2.0, OpenID Connect 1.0, OAuth 2.0, and CAS 3.x, can enforce Kerberos/IWA “true SSO” on domain-joined devices, and is available as both IDaaS (cloud) and on-premises software. BIO-key acquired PortalGuard (PistolStar) in 2020.
Key Capabilities
- Standards-based federation: Delivers SSO to SaaS and on-prem apps using SAML 2.0, OpenID Connect 1.0, OAuth 2.0, and CAS 3.x.
- Kerberos/IWA support: Enables “true SSO” on domain-joined workstations to eliminate repeated prompts, with optional MFA for step-up access.
- MFA breadth & biometrics: Provides Identity-Bound Biometrics (facial/palm/voice via MobileAuth and BIO-key hardware), plus FIDO2/WebAuthn security keys and traditional OTP/push factors.
- Desktop login MFA: Enforces MFA at the Windows/macOS login screen for local sessions, RDP, and server access via PortalGuard Desktop.
Limitations
- SCIM provisioning: Public materials do not document a general-purpose SCIM 2.0 provider/consumer interface; confirm SCIM roles before planning lifecycle integrations.
- Advanced OAuth profiles: Documentation emphasizes core OAuth/OIDC; support for PAR, DPoP, or mTLS/FAPI is not clearly confirmed.
- Endpoint agent dependency: Desktop MFA relies on deploying PortalGuard Desktop components to managed endpoints.
- Biometric enrollment posture: IBB/MobileAuth introduces device and user enrollment workflows and may require BIO-key hardware for certain factors.