feide connect – standard norge february 2015
TRANSCRIPT
Feide Connect
Standard Norge, Oslo, 5 February 2015
[email protected] Andreas Åkre Solberg
Service Provider
OAuth 2.0 / OpenID Connect
API Platform
Feide Connect
Feide
Data sources
Guest users
IDporten? eduGAIN
Groups
Person search API
Gatekeeper
Exceptionally simple interface: OAuth2, REST
100% self-service
Other services
Future services..
Enterprise IdM vs. User Centric
Batch provisioning vs. Dynamic Data APIs
Few large services vs. many small specialised services
Trends
SAML 1.1 WS-Federation
ID-FF 1.2 SAML 2.0
OpenID Information Card
OpenID 2 OpenID Connect
A shift towards the user centric paradigm
Enterprise User centric
OAuth 2.0
OpenID Connect
OAuth 2.0
Protected APIs
Issue tokens
Access data
user tokens
Identity user represented by token
Web clients, but also
+ Mobile
+ Desktop
+ Client to service
Mobile
› In-app browser vs.
› System browser + custom URL scheme
API for person lookup – white pages
Find people by searching by name, and pick «contact cards».
In use for collaboration services, where people interact with each other.
Person, Membership / role, Group, Group type
GO: Teaching group
Ad hoc group
UH: Field of study
Affiliated with school X
http://openvoot.org
Service Provider
OAuth 2.0 / OpenID Connect
API Platform
Feide Connect
API Gatekeeper
3rd party service or data source
Service Provider
OAuth 2.0 / OpenID Connect
API Platform
Feide Connect
Feide
Guest users
IDporten? eduGAIN
Exceptionally simple interface: OAuth2, REST
100% self-service
Feide OpenIdP guest user solution
Etherpad demo
Non-intrusive Etherpad plugin, no modifications
No external dependencies whatsoever! Not even SimpleSAMLphp ;)
Uses Feide Connect for authentication and groups.
Setup with auto-configure
Account
versus
Person
FeideID, national identity number, transition from primary and lower secondary school to upper secondary school to university college,
exchange students, university colleges that merge, municipalities that merge.
Summary
Web Single Sign-On
Desktop applications
Mobile applications
Long-lived access (tokens)
Groups
Guest accounts
International cross-federation
Authentication and authorization of APIs
Feide
Feide Connect
Reference group
› Representatives from among service providers to GO.
Contact [email protected] More info: feideconnect.no
Pilot
Starts 1 June 2015
Opportunities for service providers to connect to a functional platform.
Andreas Åkre Solberg linkedin.com/in/andreassolberg
http://feideconnect.no