This post describes how to configure OpenID Connect (OIDC) authentication using an external Identity Provider (IdP). With the new release of Red Hat 3scale API Management, version 2.3, it is possible to use any OIDC-compliant IdP during the API authentication phase. This is a very important new feature because it makes it possible to integrate any IdP already present in your environment—without having to use an Identity Broker—thus reducing overall complexity.
Continue reading “Integrating third-party identity providers with Red Hat 3scale API Management”
In my last article, I wrote about how API Management and Identity Management can work together in a complementary fashion to secure and manage the services/endpoints which applications expose as APIs. In that article I covered how Red Hat 3scale API Management can be used to integrate an identity manager, in addition to providing API management functions such as rate limiting and throttling.
Continue reading 3Scale by Red Hat Integration with ForgeRock using OpenID Connect
Today’s modern infrastructure faces the complex challenge of managing user’s access to the resources. To protect system and data integrity, companies have implemented identity and access management (IAM) solutions for their in-house systems. IAM solutions address three major concepts: identity, authentication, and authorization. Their job is to ensure that only authenticated and authorized users have access to resources or information. Every IAM solution on the market provides a great set of features such as:
- Single Sign-On (SSO)
- Centralized policy-based authentication and authorization
- Identity federation
Continue reading “3scale by Red Hat API and Identity Management Series”
In this post, I will provide a walk through of how to set up Identity Brokering on an RH-SSO server.
Red Hat Single Sign-On (RH-SSO) provides Web single sign-on and identity federation based on SAML 2.0, OpenID Connect and OAuth 2.0 specifications.
For this tutorial, you will need:
- An RH-SSO Instance.
- A Web/Mobile Application with an OpenID Connect adapter.
- An OpenID Connect Provider Server (Such as Keycloak) to be used as the 3rd Party Identity Provider.
Continue reading “OpenID Connect Identity Brokering with Red Hat Single Sign-On”