#+TITLE: IROH Auth Presentation
#+Author: Yann Esposito
#+Date: [2021-04-16]

- tags ::

* IROH Auth Intro

Yann Esposito <yaesposi@cisco.com>

** What is IROH Auth

A sub-system of IROH handling authentication, authorizations and
user/org/tenancy management.

** What is IROH

IROH is the main API engine behind Threat Response and SecureX.

** History

1. Login using AMP SAML (generate JWT)
2. OAuth2 Provider (Grants)
3. Login using OpenID Connect with TG (client of OpenID Connect)
4. Users/Orgs in DB!!!
5. Account Activation
6. Become an OpenID Connect provider
7. OIDC with SSE

* Internal User Structure
* Cisco specificity