scim-docs/content/overview/identity-management.md
2024-08-29 13:48:36 +02:00

1.6 KiB
Raw Blame History

title description color weight
Identity Management What we speak about and in **which environment**. We must agree on some **different problematics** that exist to better understand why we use SCIM. yellow 1

basics of identity managment {{< grid >}} {{< card icone="user" >}}

Authentication

Who is this user ? {{< /card >}}

{{< card icone="lock" >}}

Authorization

Is this user allowed to access this resource ? {{< /card >}}

{{< card icone="cloud" >}}

Storage

Where are users identity & credentials stored? {{< /card >}}

{{< card icone="prov" >}}

Provisioning

How to manage & transfer users identity ? {{< /card >}} {{< /grid >}} illustration of loosing datas

Our environment

Our digital work environment is composed of many applications and web services. We want a seamless user experience for our free software based collaboration platform. With a Single Sign-on (SSO) system users get a unified login and logout experience but there is a catch.

Our problem

Traditional SSO protocols like OpenID Connect do not support syncing user profiles across applications. That's means :

  • users are not created by default in all apps (only after they have logged in at least once)
  • no mechanisms to propagate the deletion of users
  • So its not GDPR compliant (by default)

In essence

Current existing protocols are difficult to implement or/and to use or are custom for specific usecase then non-standardized.