Oggi Matteo ci parla di WSO2 Identity Server Adaptive authentication
Scaletta del talk:
Introduzione: Chi è Profesia/WSO2
Cosa è un Identity server
Ruolo di Identity server in architettura
Panoramica feature Identity server
Configurazione social Google
Login con google e non con un esempio
Considerazioni finali
Relatore: Matteo Bordin, Principal Architect e WSO2 Certified in Profesia Srl
Vuoi saperne di più? Scrivi a wso2.sales@profesia.it
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Wso2 italia open break session #3 - Identity Server
1.
2.
3.
4. WSO2 Identity Server è un prodotto IAM open source, estendibile,
ottimizzato per la federazione delle identità e SSO (single sign-on) con il
completo supporto all'autenticazione adattiva,multi-fattore e la
sicurezza delle API.
Semplifica la configurazione di un ecosistema federato di gestione delle
identità e garantisce un accesso sicuro ad applicazioni Web/mobile,
end-point in ambienti locali e cloud.
WSO2 Identity Server include tutte le sue estensioni con la licenza
commerciale Apache 2.0.
5. IAM capability
Identity Federation and
SSO
Identity Bridging
Strong and Adaptive
authentication
API and Microservice security
Access Control
Account Management and Identity
Provisioning
Privacy Regulation Compliance
Identity Analytics
6. Identity Federation and SSO
SSO
● Unique Login
● One Credential
● One Identity manager
Federation
● BYOID
● Social Login
7. Identity Bridging
Exchanging identity attributes and authentication decisions between
heterogeneous identity systems and protocols.
Exchanging:
● Token di accesso (OIDC, SAML2, WS-Federation ...)
● Claim
● User Provisioning (SCIM<-> SOAP, Google, Salesforce ...)
9. API and Microservice security
Protocols:
● OAuth2
● OIDC
Profile
● microprofile JWT 1.0
● role-based
Grant Type:
● SAML2
● JWT-Assertion
● NTLM-IWA
10. Access Control
Access Control
● fine-grained access control policies
● policy decision point for third-party
applications.
● user entitlements
● role-based access control.
● XACML
○ fine-grained policy-based access
control
○ user-friendly policy administration
(PAP)
○ REST profile support
11. Account Management and
Identity Provisioning
Features:
● Self-service interface for user
management
● InBound, OutBound Just-in-time (JIT)
provisioning
● User Association
● Multi userstore
17. Conclusioni
● WSO2 is the leader in open source IAM
● Capabilities for securing APIs and CIAM
● Identity federation
● SSO
● Strong and adaptive authentication
● Privacy compliance
● Single solution for common identity requirements
● Extensible
● Integrated in API management and Enterprise
Integrator