IdP

IdP

March 30, 2024 | seedling, permanent

tags
Security

Summary #

This is the SSO service.

  • The Identity Provider authenticates the user and provides an authentication token (that is, information that verifies the authenticity of the user) to the service provider.
  • The identity provider does either of the following authentication:
    1. Direct user authentication. For example, validating a user name and password.
    2. Indirect user authentication. For example, validating an assertion about the user identity as presented by a separate identity provider.
    3. The identity provider handles the management of user identities to free the Service Provider from this responsibility.

IBM, ref

IdP vs Authorization Server #

tags
diff

In summary, an identity provider is the software component that authenticates and issues a token representing a user or other entity, while an authorization server is the server software component that validates and provides tokens that represent a user or other entity. ref