Prabath Siriwardena (@prabath), Senior Software Architect
Open Standard Based identity Provisioning System for Cloud
Open Standard Based identity Provisioning System for Cloud @ Identity.Next 2012 - Netherlands.

  1. Prabath Siriwardena (@prabath), Senior Software Architect
  2. 2012: SCIM 1.1; 2011: SCIM 1.0; 2011: RESTPML; 2010: SCIM community; 2006: SPML 2.0; 2003: SPML 1.0; 2003: WS-Provisioning; 2001: OASIS PS TC
  3. Diagram labels: SCIM Consumer; SCIM Service Provider; /Users; /Groups
  4. add-user.json

     ```json
     {
       "schemas": [],
       "name": {"familyName": "siriwardena", "givenName": "prabath"},
       "userName": "prabath",
       "password": "prabath123",
       "emails": [
         {"primary": true, "value": "prabath@yahoo.com", "type": "home"},
         {"value": "prabath@wso2.com", "type": "work"}
       ]
     }
     ```

     curl command

     ```sh
     # -v: verbose output; -k: do not verify the server's TLS certificate;
     # --user: HTTP Basic credentials; -d @file: send the file as the request body
     curl -v -k --user admin:admin -d @add-user.json --header "Content-Type:application/json" https://localhost:9443/wso2/scim/Users
     ```
  5. add-group.json

     ```json
     {
       "schemas": ["urn:scim:schemas:core:1.0"],
       "id": "idnext",
       "displayName": "IdentityNext"
     }
     ```

     curl command

     ```sh
     # Same options as for add-user.json, posted to the Groups resource
     curl -v -k --user admin:admin -d @add-group.json --header "Content-Type:application/json" https://localhost:9443/wso2/scim/Groups
     ```
  6. One way provisioning. Diagram labels: Domain A; Domain B; Domain C; Provisioning Service Provider; SCIM Consumer
  7. One way provisioning with broker mode. Diagram labels: Domain A; Domain B; Domain C; Provisioning Service Provider; SCIM Consumer
  8. Bi-directional provisioning. Diagram labels: Domain A; Domain B; Domain C; Provisioning Service Provider; SCIM Consumer
  9. Multi-directional provisioning with a centralized PSP. Diagram labels: Domain A; Domain B; Domain C; Provisioning Service Provider; SCIM Consumer
  10. Just-in-time provisioning with SAML2. Diagram labels: Domain A; Domain B; SAML2 IdP; Provisioning Service Provider; numbered step markers
  11. Just-in-time provisioning with SAML2. Diagram labels: Domain A; Domain B; SAML2 IdP; Provisioning Service Provider; numbered step markers
  12. Diagram labels: Provisioning Service Provider; facilelogin.com; wso2.com; SCIM Consumer (wso2.com); SCIM Consumer (facilelogin.com)
  13. Diagram labels: OAuth 2.0 Authorization Server; Bearer Token; Provisioning Service Provider; SCIM Consumer
  14. Diagram labels: OAuth 2.0 Authorization Server; Validate(); Bearer Token; Provisioning Service Provider; SCIM Consumer
  15. Diagram labels: Resource; Action; Resource Owner; Client; Scope; Provisioning Service Provider; SCIM Consumer
  16. Diagram labels: OAuth 2.0 Authorization Server; Validate(); XACML Request; Permit/Deny/…; Provisioning Service Provider; SCIM Consumer; XACML PDP
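
The flow on slides 13 to 16 (bearer token, Validate(), then a XACML decision over resource, action, resource owner, client and scope) can be sketched as below. This is an added example, not code from the deck or from WSO2: the token values, scope names, policy table and function names are all assumptions, and the in-memory dictionaries stand in for a real authorization server and XACML PDP.

```python
# Added illustration of slides 13-16; every token, scope and rule here is constructed.

# Stand-in for the OAuth 2.0 authorization server's view of issued tokens.
ISSUED_TOKENS = {
    "tok-hr-app": {"active": True, "client": "hr-app",
                   "resource_owner": "prabath", "scope": {"scim.users.write"}},
    "tok-report": {"active": True, "client": "report-app",
                   "resource_owner": "prabath", "scope": {"scim.users.read"}},
    "tok-old": {"active": False, "client": "hr-app",
                "resource_owner": "prabath", "scope": {"scim.users.write"}},
}

# Stand-in PDP policy: (resource, action) -> scope that must be present.
POLICY = {
    ("/Users", "POST"): "scim.users.write",
    ("/Users", "GET"): "scim.users.read",
    ("/Groups", "POST"): "scim.groups.write",
}

def validate(bearer_token):
    """Authorization server: token attributes, or None if unknown or inactive."""
    info = ISSUED_TOKENS.get(bearer_token)
    return info if info and info["active"] else None

def build_decision_request(info, resource, action):
    """Collect the five attributes named on slide 15 into one decision request."""
    return {"resource": resource, "action": action,
            "resource_owner": info["resource_owner"],
            "client": info["client"], "scope": sorted(info["scope"])}

def pdp_evaluate(request):
    """Policy decision point: Permit only when the required scope is present."""
    required = POLICY.get((request["resource"], request["action"]))
    if required is None:
        return "NotApplicable"
    return "Permit" if required in request["scope"] else "Deny"

def authorize(authorization_header, resource, action):
    """Provisioning service provider: validate the token, then ask the PDP."""
    scheme, _, token = authorization_header.partition(" ")
    info = validate(token.strip()) if scheme.lower() == "bearer" else None
    if info is None:
        return 401, "invalid_token"
    decision = pdp_evaluate(build_decision_request(info, resource, action))
    # Fail closed: anything other than an explicit Permit is refused.
    return (200, decision) if decision == "Permit" else (403, decision)
```

The service provider treats every non-Permit decision as a refusal, so a request for a resource the policy does not cover is rejected rather than allowed by default.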