Identity Management

Illustration of the basics of identity management

Authentication

Who is this user?

Authorization

Is this user allowed to access this resource?

Storage

Where are user’s identity & credentials stored?

Provisioning

How to manage & transfer user’s identity?

Illustration of losing data

Our environment

Our digital work environment is composed of many applications and web services. We want a seamless user experience for our free-software-based collaboration platform. With a Single Sign-On (SSO) system, users get a unified login and logout experience, but there is a catch.

Our problem

Traditional SSO protocols like OpenID Connect do not support syncing user profiles across applications. That means:

  • users are not created by default in all apps (only after they have logged in at least once)
  • there are no mechanisms to propagate the deletion of users
  • so it's not GDPR compliant (by default)

In essence

Existing protocols are difficult to implement and/or to use, or are custom-built for a specific use case and therefore non-standardized.