libre.sh/scim-docs
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
scim-docs/content/overview/identity-management.md

41 lines
1.6 KiB
Markdown
Raw Normal View History

Initial commit
2024-08-29 10:10:19 +00:00
---
title: Identity Management
description : "What we speak about and in **which environment**. We must agree on some **different problematics** that exist to better understand why we use SCIM."
color : yellow
weight : 1
---
v0
2024-08-29 11:48:36 +00:00
![basics of identity managment](media/illus-basics.svg)
Initial commit
2024-08-29 10:10:19 +00:00
{{< grid >}}
{{< card icone="user" >}}
#### Authentication
Who is this user ?
{{< /card >}}
{{< card icone="lock" >}}
#### Authorization
Is this user allowed to access this resource ?
{{< /card >}}
{{< card icone="cloud" >}}
#### Storage
Where are users identity & credentials stored?
{{< /card >}}
{{< card icone="prov" >}}
#### Provisioning
How to manage & transfer users identity ?
{{< /card >}}
{{< /grid >}}
v0
2024-08-29 11:48:36 +00:00
<img alt="illustration of loosing datas" src="media/illus-loose-data.svg" class="float-right">
Initial commit
2024-08-29 10:10:19 +00:00
### Our environment
Our digital work environment is composed of **many applications** and web services. We want a **seamless user experience** for our free software based collaboration platform. With a **Single Sign-on (SSO)** system users get a unified login and logout experience but there is a catch.
### Our problem
Traditional SSO protocols like OpenID Connect do **not support syncing user profiles across applications.** That's means :
* **users are not created by default in all apps** (only after they have logged in at least once)
* **no mechanisms to propagate the deletion of users**
* So its **not GDPR compliant** (by default)
#### In essence
<mark>Current existing protocols are **difficult to implement or/and to use** or are **custom for specific usecase** then **non-standardized**.</mark>
Reference in a new issue Copy permalink