#+TITLE: IROH Auth Presentation
#+Author: Yann Esposito
#+Date: [2021-04-16]

- tags ::

* IROH Auth Intro

Yann Esposito <yaesposi@cisco.com>

* What is IROH Auth

A sub-system of IROH handling authentication, authorizations and
user/org/tenancy management.

* What is IROH

IROH is the main API engine behind Threat Response and SecureX.

* History

1. Login using AMP SAML (generate JWT)
2. OAuth2 Provider (Grants)
3. Login using OpenID Connect with TG (client of OpenID Connect)
4. Users/Orgs in DB!!!
5. Account Activation
6. Become an OpenID Connect provider
7. OIDC with SSE

* Internal User Structure
* Cisco specificity