09 Jan 2017

Planet Identity

Mythics: “An Alternative Approach to IT Modernization” Whitepaper Featuring Gary Foster CIO MBTA & MassDOT

I am excited to post a blog today, which is highlighting a new whitepaper "An Alternative Approach to Modernization: IT Appliances Offer a Viable Path…

09 Jan 2017 2:14pm GMT

Radiant Logic: From VDS to a Federated Identity Service Based on Virtualization

What's in a Name? Everything… Some years ago, we put together a fun little map that shows some of the dangers our customers face in the treacherous waters of Identity Management. But now, after meeting with our customer advisory board during the recent Gartner IAM event in Las Vegas, we've had to expand the map […]

The post From VDS to a Federated Identity Service Based on Virtualization appeared first on Radiant Logic, Inc

09 Jan 2017 2:00pm GMT

Vittorio Bertocci - Microsoft: One year since “Modern Authentication with Azure Active Directory for Web Applications” came out

About one year ago, I was all excited to finally hold in my hands the thing that swallowed most of the weekends and vacation days of 2015: a paper copy of my latest book, "Modern Authentication with Azure Active Directory for Web Applications". And I just realized I never wrote an "announcement" [...]

09 Jan 2017 9:05am GMT

04 Oct 2016

Planet OpenID

Kaliya Hamlin: IIW 23! Register. It's going to be great!


04 Oct 2016 5:48pm GMT

27 Sep 2016

Planet OpenID

OpenID.net: The Foundation of Internet Identity

A very brief history of OpenID Connect


27 Sep 2016 5:22pm GMT

13 Sep 2016

Planet OpenID

OpenID.net: Harmonizing IETF SCIM and OpenID Connect: Enabling OIDC Clients to Use SCIM Services

OpenID Connect (OIDC) 1.0 is a key component of the "Cloud Identity" family of standards. At Oracle, we have been impressed by its ability to support federated identity both for cloud business services and in the enterprise. This is the reason why we recently joined the OpenID Foundation as a Sustaining Corporate Member.

In addition to OIDC, we are also strong proponents of the IETF SCIM standard. SCIM provides a JSON-based standard representation for users and groups, together with REST APIs for operations over identity objects. The schema for user objects is extensible and includes support for attributes that are commonly used in business services, such as group, role and organization.

Federated identity involves two components: secure delivery of user authentication information to a relying party (RP) as well as user profile or attribute information. Many of our customers and developers have asked us: can OIDC clients interact with a SCIM endpoint to obtain or update identity data? In other words, can we combine SCIM and OIDC to solve a traditional use-case supported by LDAP for enterprise applications (bind, attribute lookup) recast for the modern frameworks of REST and cloud services?

Working collaboratively with other industry leaders, we have published just such a proposal[1]. The draft explains how an OpenID Connect RP can interact with a SCIM endpoint to obtain or update user information. This allows business services to use the standard SCIM representations for users and groups, yet have the information conveyed to the service in a single technology stack based upon the OIDC protocols.

SAML, OIDC, SCIM and OAuth are the major architectural "pillars" of cloud identity. We would like to see them work together in a uniform and consistent way to solve cloud business service use-cases. Harmonizing SCIM and OIDC is an important step in that direction.

Prateek Mishra, Oracle

[1] http://openid.net/specs/openid-connect-scim-profile-1_0.html

13 Sep 2016 7:18pm GMT