TheArchive/zitadel
1
0
Fork 0
mirror of https://github.com/zitadel/zitadel.git synced 2024-12-13 11:34:26 +00:00
Code Issues Packages Projects Releases Wiki Activity
1de9d15690
zitadel/site/docs/administrate/08-providers.en.md
Florian Forster 9f0638fac9
chore: spell check automation and spellcheck (#889) 
* test spell check

* fix indenting

* test

* add something to test

* test spellcheck

* spelling improvements

* improve spelling and ignore list

* Update site/docs/start/00-quick-start.de.md
2020-10-26 13:54:29 +01:00

73 lines
1.8 KiB
Markdown
Raw Blame History

This file contains invisible Unicode characters

This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

---
title: Identity Providers
---
### What are Identity Providers
Identity providers or in short idps are external systems to which **ZITADEL** can create a **federation** or use their **directory service**.
Normally federation uses protocols like [OpenID Connect 1.0](https://openid.net/connect/), [OAuth 2.0](https://oauth.net/2/) and [SAML 2.0](http://docs.oasis-open.org/security/saml/Post2.0/sstc-saml-tech-overview-2.0.html).
Some examples include:
#### Social Providers
- Google Account
- Microsoft Live Account
- Apple ID
- GitHub
- GitLab
- ...
#### Enterprise Providers**
- Azure AD Tenant
- Gsuite hosted domain
- ...
### Generic
- ADFS
- ADDS
- Keycloak
- LDAP
### What is Identity Brokering
ZITADEL supports the usage as identity broker, by linking multiple external idps into one user.
With identity brokering the client which relies on ZITADEL does not need to care about the linking of identity.
### Manage Identity Providers
> Screenshot here
### Federation Protocols
Currently supported are the following protocols.
- OpenID Connect 1.0
- OAuth 2.0
SAML 2.0 will follow later on.
### Storage Federation
> This is a work in progress.
Storage federation is a means of integrating existing identity storage like [LDAP](https://tools.ietf.org/html/rfc4511) and [ADDS](https://docs.microsoft.com/en-us/windows-server/identity/ad-ds/get-started/virtual-dc/active-directory-domain-services-overview).
With this process **ZITADEL** can authenticate users with LDAP Binding and SPNEGO for ADDS. It is also possible to synchronize the users just-in-time or scheduled.
#### Sync Settings
Here we will document all the different sync options
- Read-only
- Writeback
- just-in-time sync
- scheduled sync
> TBD
### Audit identity provider changes
> Screenshot here
Reference in New Issue View Git Blame Copy Permalink