Thursday, March 10, 2016

Identity Patterns with the WSO2 Identity Server
Provision federated users by the identity provider

Problem:
  • The business users need to login to multiple service providers via multiple identity providers. For example login to Drupal via Facebook or Yahoo! credentials. 
  • Irrespective of the service provider, need to group federated users by the identity provider and store all the user attributes locally. For example, the identity admin should be able to find all the Facebook user or the Yahoo users who have accessed the system (i.e. login to any service provider)
Solution:
  • Deploy WSO2 Identity Server over multiple user stores and name each user store after the name of the corresponding identity provider. 
  • Represent each federated identity provider in Identity Server. For example, represent Facebook as an identity provider in Identity Server. 
  • Enable JIT provisioning for each identity provider, and pick the user store domain to provision users. 
  • Products: WSO2 Identity Server 5.0.0+ 

0 comments: