Authenticator and provisioning connector in wso2 Identity Server
-
Upload
rajendram-kathees -
Category
Software
-
view
152 -
download
4
Transcript of Authenticator and provisioning connector in wso2 Identity Server
![Page 1: Authenticator and provisioning connector in wso2 Identity Server](https://reader036.fdocuments.us/reader036/viewer/2022062316/58ef6a301a28ab592b8b45c1/html5/thumbnails/1.jpg)
Authenticator and Provisioning Connectors in WSO2 IS
Rajjaz Mohammed, WSO2Email: [email protected]
Kathees Rajendram, WSO2Email: [email protected]
![Page 2: Authenticator and provisioning connector in wso2 Identity Server](https://reader036.fdocuments.us/reader036/viewer/2022062316/58ef6a301a28ab592b8b45c1/html5/thumbnails/2.jpg)
Agenta
o Introduction
o Product Overview
o Authentication
o OAuth2/OpenID connect Authentication
o Multi Factor Authentication
o User Provisioning & Management
o Demo
![Page 3: Authenticator and provisioning connector in wso2 Identity Server](https://reader036.fdocuments.us/reader036/viewer/2022062316/58ef6a301a28ab592b8b45c1/html5/thumbnails/3.jpg)
Introduction
![Page 4: Authenticator and provisioning connector in wso2 Identity Server](https://reader036.fdocuments.us/reader036/viewer/2022062316/58ef6a301a28ab592b8b45c1/html5/thumbnails/4.jpg)
Why ?
o Bring Your Own Identity
o Identity is maintained in one domain, accessed in other domains
o Social network identities (Facebook, LinkedIN, Google)
o Open APIs
o Multi Factor Authentication support
o Bring Your Own Device
![Page 5: Authenticator and provisioning connector in wso2 Identity Server](https://reader036.fdocuments.us/reader036/viewer/2022062316/58ef6a301a28ab592b8b45c1/html5/thumbnails/5.jpg)
Product Overview
![Page 6: Authenticator and provisioning connector in wso2 Identity Server](https://reader036.fdocuments.us/reader036/viewer/2022062316/58ef6a301a28ab592b8b45c1/html5/thumbnails/6.jpg)
WSO2 Identity Servero 5th Generation Product
o Current version 5.1.0
o Why did we build it?
o Federated identity and entitlement is a key part of any distributed architecture
o SSO is important but need to federate and bridge across SSOs
o Based on WSO2 Carbon platform, which provides support for multi-tenancy, logging, clustering, and other common services
![Page 7: Authenticator and provisioning connector in wso2 Identity Server](https://reader036.fdocuments.us/reader036/viewer/2022062316/58ef6a301a28ab592b8b45c1/html5/thumbnails/7.jpg)
Architecture
![Page 8: Authenticator and provisioning connector in wso2 Identity Server](https://reader036.fdocuments.us/reader036/viewer/2022062316/58ef6a301a28ab592b8b45c1/html5/thumbnails/8.jpg)
Benefits
o Scenario-driven configuration
o Large number of scenarios supported out of the box,through simple configuration
o Single Sign On
o Federated Identity
o User Provisioning and Management
o Extensible & Customizable - Custom Authenticators
![Page 9: Authenticator and provisioning connector in wso2 Identity Server](https://reader036.fdocuments.us/reader036/viewer/2022062316/58ef6a301a28ab592b8b45c1/html5/thumbnails/9.jpg)
Authentication & SSO
![Page 10: Authenticator and provisioning connector in wso2 Identity Server](https://reader036.fdocuments.us/reader036/viewer/2022062316/58ef6a301a28ab592b8b45c1/html5/thumbnails/10.jpg)
Authentication
o Extensible user stores integration
o Security for APIs and Web Services
o Web Single Sign On for heterogeneous systems
o Highly configurable and extensible authentication flows
o Federation and Social integration
![Page 11: Authenticator and provisioning connector in wso2 Identity Server](https://reader036.fdocuments.us/reader036/viewer/2022062316/58ef6a301a28ab592b8b45c1/html5/thumbnails/11.jpg)
Authenticatorso Local Authenticators
o Basic Authenticator - Username, password
o IWA and X509 Authenticator – Zero password login
o FIDO (Fast Identity Online) - Multi Factor authentication
o Federated
o OAuth2/OpenID Connect Authenticator - LinkedIn, Facebook and Twitter
o Two factor Authenticator- Mepin, Clef, Tiqr, SMS and Email OTP
o SAML 2.0 Web SSO Authenticator
o WS-Federation (Passive) Authenticator
![Page 12: Authenticator and provisioning connector in wso2 Identity Server](https://reader036.fdocuments.us/reader036/viewer/2022062316/58ef6a301a28ab592b8b45c1/html5/thumbnails/12.jpg)
OAuth2/OpenID Connect Authenticator
![Page 13: Authenticator and provisioning connector in wso2 Identity Server](https://reader036.fdocuments.us/reader036/viewer/2022062316/58ef6a301a28ab592b8b45c1/html5/thumbnails/13.jpg)
Understanding OAuth 2.0
![Page 14: Authenticator and provisioning connector in wso2 Identity Server](https://reader036.fdocuments.us/reader036/viewer/2022062316/58ef6a301a28ab592b8b45c1/html5/thumbnails/14.jpg)
Amazon Authenticator
![Page 15: Authenticator and provisioning connector in wso2 Identity Server](https://reader036.fdocuments.us/reader036/viewer/2022062316/58ef6a301a28ab592b8b45c1/html5/thumbnails/15.jpg)
Multi Factor Authenticator
![Page 16: Authenticator and provisioning connector in wso2 Identity Server](https://reader036.fdocuments.us/reader036/viewer/2022062316/58ef6a301a28ab592b8b45c1/html5/thumbnails/16.jpg)
Configurable Authentication Flow
o Multi-Step : Add any number of authentication steps
o Multi-Option : Add any number of authenticators for a step
![Page 17: Authenticator and provisioning connector in wso2 Identity Server](https://reader036.fdocuments.us/reader036/viewer/2022062316/58ef6a301a28ab592b8b45c1/html5/thumbnails/17.jpg)
Multi-Option Authentication Flow
![Page 18: Authenticator and provisioning connector in wso2 Identity Server](https://reader036.fdocuments.us/reader036/viewer/2022062316/58ef6a301a28ab592b8b45c1/html5/thumbnails/18.jpg)
Clef Authenticator
o Two factor authenticatoro Scanning dancing wave using Phone
![Page 19: Authenticator and provisioning connector in wso2 Identity Server](https://reader036.fdocuments.us/reader036/viewer/2022062316/58ef6a301a28ab592b8b45c1/html5/thumbnails/19.jpg)
https://store.wso2.com/store/assets/isconnector
WSO2 IS Store….
![Page 20: Authenticator and provisioning connector in wso2 Identity Server](https://reader036.fdocuments.us/reader036/viewer/2022062316/58ef6a301a28ab592b8b45c1/html5/thumbnails/20.jpg)
User Provisioning and Management
![Page 21: Authenticator and provisioning connector in wso2 Identity Server](https://reader036.fdocuments.us/reader036/viewer/2022062316/58ef6a301a28ab592b8b45c1/html5/thumbnails/21.jpg)
Provisioning and Management
o Just In Time Provisioning
o Highly extensible User Provisioning Framework
o Users and groups management
o Accounts and Policies Management
o Self Service Dashboard
o Logging and Monitoring
o Custom user management workflows – user specificapprovals, multi-step approvals, approvals requiring multiple roles
![Page 22: Authenticator and provisioning connector in wso2 Identity Server](https://reader036.fdocuments.us/reader036/viewer/2022062316/58ef6a301a28ab592b8b45c1/html5/thumbnails/22.jpg)
Just In Time Provisioning
o Federated Identities can be provisioned into the WSO2Identity Server while federating
o Users can be provisioned to any primary or secondaryuser store
o JIT provisioned users can be provisioned to any othersystems instantly
![Page 23: Authenticator and provisioning connector in wso2 Identity Server](https://reader036.fdocuments.us/reader036/viewer/2022062316/58ef6a301a28ab592b8b45c1/html5/thumbnails/23.jpg)
Demo
![Page 24: Authenticator and provisioning connector in wso2 Identity Server](https://reader036.fdocuments.us/reader036/viewer/2022062316/58ef6a301a28ab592b8b45c1/html5/thumbnails/24.jpg)
Q & A
![Page 25: Authenticator and provisioning connector in wso2 Identity Server](https://reader036.fdocuments.us/reader036/viewer/2022062316/58ef6a301a28ab592b8b45c1/html5/thumbnails/25.jpg)
Thank You!
![Page 26: Authenticator and provisioning connector in wso2 Identity Server](https://reader036.fdocuments.us/reader036/viewer/2022062316/58ef6a301a28ab592b8b45c1/html5/thumbnails/26.jpg)
References
https://docs.wso2.com/display/IS510/Architecturehttps://docs.wso2.com/display/ISCONNECTORS/Creating+a+Third+Party+Authenticator+or+Connector+and+Publishing+in+WSO2+Storehttps://docs.wso2.com/display/ISCONNECTORS/Clef+Authenticatorhttps://store.wso2.com/store/assets/isconnector?sort=recenthttps://github.com/wso2-extensions/archetypes/blob/master/is-authenticator-archetype/setup.txthttp://wso2experience.blogspot.com/2016/01/wso2-is-custom-authenticator.html