yogsototh/deft

Yann Esposito (Yogsototh) 290a52fcbc

journal/2021-04-16--12-27-13Z--iroh_auth_presentation.org

2021-04-16 13:29:03 +02:00

849 B

Raw Blame History

IROH Auth Presentation

IROH Auth Presentation
What is IROH Auth?
What is IROH?
So what is IROH Auth?
History
Internal User Structure
Cisco specificity

tags

IROH Auth Presentation

Yann Esposito <yaesposi@cisco.com>

What is IROH Auth?

This is an important sub component of IROH.

What is IROH?

IROH is the main API engine behind Threat Response and SecureX.

So what is IROH Auth?

The sub-component of IROH taking care of:

authentication (from user interaction provide a user id, unique identifier)
authorizations (what can a user do)
internal user representation
- Org/Tenancy
- User
- OAuth2 Clients

History

Login using AMP SAML (generate JWT)
OAuth2 Provider (Grants)
Login using OpenID Connect with TG (client of OpenID Connect)
Users/Orgs in DB!!!
Account Activation
Become an OpenID Connect provider
OIDC with SSE

Internal User Structure

Cisco specificity