IdP
- tags
- Security
Summary #
This is the SSO service.
- The Identity Provider authenticates the user and provides an authentication token (that is, information that verifies the authenticity of the user) to the service provider.
- The identity provider does either of the following authentication:
- Direct user authentication. For example, validating a user name and password.
- Indirect user authentication. For example, validating an assertion about the user identity as presented by a separate identity provider.
- The identity provider handles the management of user identities to free the Service Provider from this responsibility.
IdP vs Authorization Server #
- tags
- diff
In summary, an identity provider is the software component that authenticates and issues a token representing a user or other entity, while an authorization server is the server software component that validates and provides tokens that represent a user or other entity. ref