fi-ware access control ge (part 3) – idm oauth setup & interfaces
DESCRIPTION
FI-WARE Access Control GE (Part 3) – IdM OAuth Setup & InterfacesTRANSCRIPT
The FI-WARE Project – Base Platform for Future Service Infrastructures
Follow @FIWARE #FIWARE-AZ on Twitter !
FI-WARE Access Control GEPart 3 – IdM OAuth Setup & Interfaces
Cyril DANGERVILLE, ThalesFI-WARE / WP8 / [email protected]
The FI-WARE Project – Base Platform for Future Service Infrastructures
IdM OAuth Setup Steps
1.IdM GE steps (contact: DT (W. Steigerwald), NSN (R. Seidl))
1.Request new instance (OAuth only in R2.3.3 for NSN One-IDM)
2.Connect to the IdM Admin UI and register the following:1.Target service (OAuth Resource Server)2.Client App (OAuth Client)3.End-users (OAuth Resource Owners)
3.Check the OAuth Token Service4.Set custom user attributes with the REST API
The FI-WARE Project – Base Platform for Future Service Infrastructures
Target Service - Registration
The FI-WARE Project – Base Platform for Future Service Infrastructures
Target Service - Credentials
The FI-WARE Project – Base Platform for Future Service Infrastructures
Target Service – Add attributes to OAuth Access Token (1/2)
The FI-WARE Project – Base Platform for Future Service Infrastructures
Target Service – Add attributes to token (2/2)
The FI-WARE Project – Base Platform for Future Service Infrastructures
Client App Registration
The FI-WARE Project – Base Platform for Future Service Infrastructures
Recommendations for Client App
For implementation, check the following:OAuth 2.0 spec (RFC), §4. Obtaining Authorization, §7.
Accessing Protected Resources §5.3 Client App Security of OAuth 2.0 Threat Model and
Security Considerations (IETF RFC 6819) for implementation
The FI-WARE Project – Base Platform for Future Service Infrastructures
End-User Self Registration
The FI-WARE Project – Base Platform for Future Service Infrastructures
OAuth Token Service
The FI-WARE Project – Base Platform for Future Service Infrastructures
IdM REST API for managing user attributes
No common API among IdM GEis. SCIM standard proposed.
GCP API samples
The FI-WARE Project – Base Platform for Future Service Infrastructures
http://fi-ppp.eu
http://fi-ware.eu
Follow @FIWARE #FIWARE-AZ on Twitter !
Thanks !
12