Modernizing Infrastructure for a Global Energy Leader

With the help of DevOpsGroup, a leading energy provider has created a secure system for managing user sessions across various applications.

OVERVIEW

DevOpsGroup as partner and supplier for Revolgy

Information

  • Client: Revolgy
  • Industry: Energy
  • Project Type: Cloud Transformation
  • Services: Cross-Platform Session Management, Token Security, Performance & Latency

Intro

A leading European energy provider required a seamless Single Sign-On (SSO) solution to handle secure token management and ensure smooth session continuity for users navigating between their mobile and web applications. To achieve this, the company collaborated with DevOpsGroup, leveraging AWS Cognito and custom authentication flows to securely transfer active user sessions across multiple applications without requiring repeated logins. This solution also ensured strong security and a smooth user experience.

Objective

Innogy wanted a secure solution to handle user sessions and tokens, allowing users to move
between apps without re-authenticating. With DevOpsGroup’s expertise, Innogy aimed to:

  • Ensure seamless user experiences with uninterrupted session transfers.
  • Implement secure token generation and management with minimal reauthentication.
  • Enhance overall security through secure token handling.

Key Challenges:

  • Cross-Platform Session Management: Ensuring active sessions could be transferred without requiring new logins.
  • Token Security: Implementing hashed tokens and timestamp validations to prevent unauthorized access.
  • Performance & Latency: Ensuring low-latency session handling for optimal user experience.

Solution

DevOpsGroup used AWS Cognito and Lambda functions to build a secure token system for
Innogy. The key features included:

  • Token Swap: AWS Cognito was used to swap tokens securely between apps, allowing users to move between devices like mobile and web.
  • Custom Authentication: AWS Cognito’s custom flows helped manage tokens with unique security measures, including encryption and time-based validity.
  • Automated Session Verification: Lambda functions were used to check token validity and make sure they couldn’t be misused.
  • Redirects: Once authenticated, users were automatically sent to the correct page without needing to log in again.

Security was enhanced by encrypting tokens and using client-specific keys for extra protection.

Challenges

  • Token Validation & Security: Ensuring tokens could not be tampered with and would automatically expire to reduce risks.
  • Cross-Account Authentication: Managing authentication across different applications (e.g., mobile vs. web).
  • Session Continuity: Minimizing any latency during session swaps for a smooth user experience.

Success Criteria

  • Seamless User Transitions: Users could move between applications without requiring reauthentication.
  • High Security: Ensuring tokens were secure and properly managed.
  • Low Latency: Keeping the system fast and responsive.

Benefits

  • Enhanced Security: Secure hash generation and token encryption, plus Cognito’s cross-client token swaps, protected user sessions and reduced reauthentication needs.
  • Improved User Experience: Users experienced uninterrupted sessions when transitioning between applications, enhancing platform usability.
  • Reduced Operational Complexity: DevOpsGroup’s solution allowed Innogy’s technical teams to handle user sessions more efficiently, reducing manual processes and improving operational flow.


Conclusion

With help from DevOpsGroup, a major energy provider created a secure system to manage user sessions across different applications, so users didn’t have to log in every time they switched platforms. Using AWS Cognito’s custom login features and encrypted tokens, the company ensured user data remained protected. The system was also built to scale with growing demands, handling an increasing number of users as needed. This led to a smoother and more convenient user experience, improved operational efficiency, and reduced the workload for internal tech teams.

Head of Professional services

Michal Režnický

DevOpsGroup and their specialists are very structured, organized and always ready for meetings. In this project we worked with Pavel Krajkovic, junior DevOps Architect. I really appreciate Pavel Krajkovic’s calmness in explaining the infrastructure to a customer with little experience in this area. It is important to have strong communication skills when presenting a solution like this.
