Authentication and authorization service interface question

[scotthasse]

Question/Comment on e-QIP Prototype RFQ

Name and affiliation

Scott Hasse CTO Flexion

Section of RFQ documents

PWS section 5.0 TASKS

Question/Comment

Section 5.0 states:

Contractor shall ensure that the prototype includes user authentication and authorization functionality that, at a minimum, includes two-factor authentication using open source encryption protocols.

To be secure, two factor authentication and authorization will require back end processing or front end authenticating proxy capability. Do you expect the front end prototype to be delivered with mock authentication and authorization services or functional authentication and authorization services?

[allalala]

User research and further discussions between the vendor and Product Owner will help define the requirements as needs surface.