Skip to main content

Identity & Service providers

Description

Soffid Identity Federation addon helps administrators to manage an Identity Federation. With Soffid you can manage the whole federation security configuration, increasing the security while reducing the federation management costs. Soffid can also act as a Service Provider, serving identities to any SAML capable application server.

The main supported standard is SAML. SAML allows to completely detach the identification process from web applications,  known as Service Providers. With SAML, identification is performed by specialized servers known as Identity Providers.  Additionaly, some other, less secure, but some times convenient protocols like OAuth (Open Authorization) and OpenID-Connect protocols are supported. Elder protocols like Openid (do not confuse with OpenID-Connect) are deprecated and no  longer supported.

You can visit the Introduction page to find more information about the federation members.

Screen overview

&&TODO&& Poner un vide de una configuración complete?????????????????????????

 

Federation members

Entity Group

An entity group is just like a folder that allows you to manage different kinds of federation members. One of the most common ways to group federation members is by trust level.

Visit the Entity Group page to know more.

Identity Provider

An Identity Provider is responsible for identifying users. Also, it is responsible for giving service providers information regarding the identified user.

Visit the Identity Provider page to know more.

Virtual Identity Provider

A single identity provider usually offers different profiles or service levels to diffeferent service provider. To be able to define this behavior, any Identity Provider can be split into many virtual identity providers. Those identity providers will be served by the same actual identity provider, but they will have different profile configurations.

Visit the Virtual Identity Provider page to know more.

Service Provider

The Service Providers are standard applications that rely on Identity Providers to let the users log in.

Visit the Service Provider page to know more.

Actions

&&TODO&& 

https://en.wikipedia.org/wiki/Identity_provider

Back to top