Identity Provider

Fleeting

• External reference: https://en.wikipedia.org/wiki/Identity_provider
• See
  • identification and authorization manager,

Using this allows having ONLY ONE authentication when discussing with several authorization servers. It is not at all SSO.

An identity provider (abbreviated IdP or IDP) is a system entity that creates, maintains, and manages identity information for principals and also provides authentication services to relying applications within a federation or distributed network.

— https://en.wikipedia.org/wiki/Identity_provider

Notes linking here

• ambiguity
• Claim-based identities in multitenant apps
• client get proof of authentication by asking for it
• keycloak
• make sense of keycloak, openid connect, oauth 2.0, jwt, jws (blog)
• single sign-on
• trying authenticating to keycloak using google as Identity Provider
• using google as identity provider is not doing SSO

Permalink