The Identity and Access Management Service provides a layer where identities, enrollment, group membership and other attributes and authorization policies on distributed resources can be managed in an homogeneous way, supporting the federated authentication mechanisms supported by the INDIGO AAI. The IAM service provides user identity and policy information to services so that consistent authorization decisions can be enforced across distributed services.
Release Notes v0.3.0
This is the first public release of the INDIGO Identity and Access Management Service.
The IAM is an OpenID-connect identity provider which provides:
- OpenID-connect and OAuth client registration and management (leveraging and extending the MitreID connect server functionality
- SCIM user and group provisioning and management
- A partial implementation of the OAuth Token Exchange draft standard for OAuth token delegation and impersonation
- The IAM service is currently distributed as a docker image from Dockerhub, so in order to run the service, you will need Docker v. 1.11.1 or greater. If you want to use docker-compose to deploy the service, you will also need docker-compose v.1.7.0 or greater.
List of RfCs
- Please read the Deployment and Administration guide
- Documentation on how to build and run the service can be found in the IAM GitBook manual or on Github.
List of Artifacts