IROH Auth Presentation
- IROH Auth Presentation
- What is IROH-Auth? (overview)
- What is IROH-Auth? (technical)
- History
- Internal User Structure
- Cisco specificity
- tags
- Cisco
Yann Esposito <yaesposi@cisco.com>
What is IROH-Auth? (overview)
This is a software subcomponent of IROH taking care of:
- Authentication
  - provide a unique user identifier
- Authorization
  - decide what a user can or cannot do
- User Data Model
- Tenancy (Org) Management
- API Clients Management
What is IROH-Auth? (technical)
IROH-Auth is a set of services within IROH, some of which expose HTTP APIs.
- Grant Service (User's client authorizations)

grant_service.clj
idp_migrate_service.clj
idp_migrate_web_service.clj
invite_service.clj
invite_web_service.clj
iroh_auth_mgmt_service.clj
iroh_auth_service.clj
iroh_auth_web_service.clj
oauth2_client_preset_service.clj
oauth2_client_service.clj
oauth2_client_web_service.clj
oauth2_service.clj
oauth2_web_service.clj
org_service.clj
profile_web_service.clj
provisioning_service.clj
provisioning_web_service.clj
scim_client_service.clj
session_web_service.clj
user_service.clj
user_web_service.clj
History
- Login using AMP SAML (generate JWT)
- OAuth2 Provider (Grants)
- Login using OpenID Connect with TG (client of OpenID Connect)
- Users/Orgs in DB!!!
- Account Activation
- Become an OpenID Connect provider
- OIDC with SSE