Application Security

User Interfaces

Mago is a cloud-based platform which can be accessed via native apps for desktop (Mago Room for Windows 10, Mago App for Windows 10), mobile (Mago App for iOS and Android), and web interface through a number of popular web browsers on both desktop and mobile (Mago App for web, Mago Management Console).

The Mago software consumes a REST API provided by our Re Mago Meeting Server (RMS Backend layer) which is credential secured over TLS 1.2. All communication with the REST API, and our IIS services, are over TLS (port 443) with 2048-bit asymmetric encryption and 256-bit symmetric encryption. The Hubs are authenticated on our servers using a 4 step authentication process with SASL. All inbound and outbound data from our backend layer is encrypted and transmitted over TLS with 2048-bit asymmetric encryption and 256-bit symmetric encryption using certificates from third party credited authorities. Network communication is protected using the latest in technology to secure all your video, audio and data. Using the TLS cryptography protocol, previously referred to as SSL, we provide protection using a 2048-bit asymmetric key in conjunction with a 256-bit symmetric session key. More information on ports used can be found within this document.

User Authentication

Mago offers two different authentication methods to its Cloud users:

  • Basic username and password authentication

  • Third-party Identity Provider authentication (OAuth 2.0)

Basic Authentication

The Basic authentication requires a valid email address that undergoes an initial verification process through a confirmation email, and a password that must match our strong password policy.

Third-party Identity Providers

Alternatively, Mago supports the following third-party identity providers: Google, Microsoft, Apple. Authentication with third-party identity providers is made via a secure OAuth 2.0 process. Mago has obtained app marketplace / app store certification from all the supported third-party identity providers.

Multi-Factor Authentication

Mago users can add an additional security layer by activating the Multi-Factor Authentication. Mago currently supports MFA via Authenticator App OTC, Email OTC, SMS OTC.

SSO (On-prem deployment only)

Enterprise On-premises accounts can set up SAML-based SSO giving their team members access to Mago Server through an identity provider (idP) of their choice. A SAML 2.0 ldP like Azure AD can be chosen to set up authentication within your secure network.

Last updated