Cyber security · Enterprise authentication
e91 MFA
Gateway

The authentication gateway for enterprise access. Centralised, secure, and deployable entirely within your own infrastructure — on-premise, private cloud, or air-gapped.

Explore features →
On-premise deployable
FIDO2 / WebAuthn
SIEM-ready audit logs
Active-active HA
e91 MFA Gateway
2 nodes active
Authentication request
r.sharma@nic.in
Ministry user · Remote VPN
Credential verified (LDAP) 0.1s
Context evaluated (trusted device) 0.2s
FIDO2 challenge enforced 0.8s
Access granted 1.1s total
Active-active HA · No single point of failure
12 auth methods
FIDO2 passwordless
On-premise only
SIEM-ready audit
Centralised gateway for apps, VPN, servers & infra
OTP, push & passwordless including FIDO2
Active-active HA · No single point of failure
SIEM-ready audit logs
How it works

Every access request
verified. Every time.

e91 MFA Gateway sits between your users and your systems. Every login request — from employees, remote users, admins, or vendors — is validated, contextually evaluated, and MFA-enforced before access is granted.

User
Internal / Remote
Login request
e91 MFA Gateway
Authentication hub
Verify credentials (AD/LDAP)
Evaluate context (device/location)
Enforce MFA (OTP/Push/FIDO2)
Access granted
Fully verified
Secure access
Enterprise apps
VPN gateways
Linux / Windows servers
Network devices
All authentication events exported to SIEM / Audit Logs · Authentication data stays within your environment at all times
The complete authentication stack

12 authentication methods.
One unified gateway.

Every method your organisation needs — from hardware security keys to biometrics, OTP, and backup recovery — all managed from a single policy console deployed within your environment.

e91 MFA
Authentication Gateway
OTP
TOTP / HOTP via authenticator or hardware token
Mobile push
Push approval with number matching — anti-fatigue
Passwordless
FIDO2 / WebAuthn — phishing-resistant hardware key
Biometric
Fingerprint and Face ID via device-level biometrics
Smartcard / Certificate
X.509 certificate via PIV smartcard or soft cert
RADIUS / Network
Challenge-response for VPN, switches, Wi-Fi infra
Out-of-band
QR-based approval for high-security out-of-band confirmation
Step-up auth
Secondary factor triggered by policy or risk score
Device trust
Trusted device recognition and remembered devices
API / Service tokens
Token-based auth for service integrations and APIs
Backup & recovery
Secure codes and policy-compliant account recovery
Recovery assurance
Policy-compliant recovery — no auth bypass possible
One unified gateway
All 12 methods, one policy console
OIDC · SAML · RADIUS · LDAP
On-premise · Private cloud · Air-gapped
SIEM-ready audit · Active-active HA
Adaptive intelligence

Authentication that thinks.
Context-aware by design.

e91 MFA Gateway evaluates every access request against a rich contextual policy engine — user role, device trust, geographic location, network, and risk score — to dynamically enforce the right level of authentication challenge.

Adaptive authentication
User role & app sensitivity
Higher sensitivity = stricter challenge
New or untrusted device
Unknown devices always challenged
Access location & network
Geo and network anomaly detection
Policy-based step-up
Dynamic escalation on risk signals
Integration & compatibility
OAuth2 / OIDC
Modern app authentication
SAML 2.0
Enterprise SSO federation
RADIUS
VPN & network infra
LDAP / Active Directory
Identity directory sync
Integrates with existing identity providers and directory services for centralised identity lifecycle management. Works alongside your existing IAM without replacing it.
Architecture & deployment

Active-active HA.
No single point of failure.

e91 MFA Gateway is designed for mission-critical deployments. Active-active nodes with load balancing ensure there is no single point of failure. Deployable entirely within your own environment — on-premise, private cloud, or restricted network.

Internal users
Remote users
Load balancer
Active-active distribution
e91-MFA Node 1
Active
e91-MFA Node 2
Active
Identity directory
AD / LDAP / Identity provider
Applications
VPN
Servers
Networking
SIEM / Audit logs
All events stay within your environment
Centralised policy management
Define, deploy, and update authentication policies across all applications and users from a single admin console. Changes take effect in real time.
SIEM-ready audit visibility
Authentication events, failures, and administrative activity are logged in structured format. SIEM integration support ensures all audit data stays within your environment.
Self-service & delegated admin
Self-service enrollment and recovery for end users. Delegated administration enables department-level IT teams to manage their own users within defined policy boundaries.
e91 MFA Gateway

Sovereign authentication
for enterprise access.

Deployable on-premise or within your private cloud. No shared infrastructure. Authentication data stays entirely within your organisation’s environment.

View all products →