SecureW2

SecureW2 is a SaaS platform for certificate-based network access: Cloud RADIUS + PKI + device onboarding (JoinNow). It delivers 802.1X/EAP-TLS Wi-Fi/wired auth, integrates with IdPs via SAML during enrollment, and supports inbound SCIM from providers like Microsoft Entra ID; it also ingests IdP/MDM/EDR posture signals for policy. It is not a general-purpose SAML/OIDC IdP for app SSO.

Key Capabilities

• Cloud RADIUS (802.1X/EAP-TLS): Fully managed, globally available RADIUS enforcing certificate-based access for Wi-Fi and wired networks.

• Device onboarding (JoinNow): Guided certificate enrollment for Windows, macOS, iOS, Android (BYOD) plus gateway APIs/SCEP for MDM-managed devices.

• SCIM user/group import: Entra ID and similar guides document enabling SCIM provisioning to populate SecureW2 and drive certificate policies/role mapping.

• Policy with live signals: Cloud RADIUS ingests IdP/MDM/EDR signals and applies real-time, identity- and device-aware policy at every network connection.

Limitations

• Not an app IdP: SecureW2 uses SAML to your IdP for enrollment and issues certificates for network access; it is not a general-purpose SAML/OIDC IdP for web apps.

• OAuth/OIDC features: Materials center on EAP-TLS/RADIUS; there isn’t enough public information to confirm advanced OAuth/OIDC profiles (e.g., PAR, DPoP, mTLS-bound tokens) in SecureW2 itself.

• FIDO2/WebAuthn for app SSO: Blogs discuss concepts, but native WebAuthn/passkey authenticators for web-app SSO within SecureW2 are not clearly documented.

• Network-centric scope: Excellent for WPA2-Enterprise/network certs; web-app SSO and governance remain with your IdP/IGA.

• SaaS model: Delivered as a managed cloud service; on-prem RADIUS/PKI is not the primary deployment approach.