SlideShare a Scribd company logo

FI-WARE Access Control GE (Part 3) – IdM OAuth Setup & Interfaces

Download as PPTX, PDF
C
cdanger

FI-WARE Access Control GE (Part 3) – IdM OAuth Setup & Interfaces

Software
1 of 12
Follow @FIWARE #FIWARE-AZ on Twitter ! The FI-WARE Project – Base Platform for Future Service Infrastructures FI-WARE Access Control GE Part 3 – IdM OAuth Setup & Interfaces Cyril DANGERVILLE, Thales FI-WARE / WP8 / T8.2 fiware-api-cross@lists.fi-ware.eu
IdM OAuth Setup Steps 1. IdM GE steps (contact: DT (W. Steigerwald), NSN (R. Seidl)) 1. Request new instance (OAuth only in R2.3.3 for NSN One-IDM) 2. Connect to the IdM Admin UI and register the following: 1. Target service (OAuth Resource Server) 2. Client App (OAuth Client) 3. End-users (OAuth Resource Owners) 3. Check the OAuth Token Service 4. Set custom user attributes with the REST API The FI-WARE Project – Base Platform for Future Service Infrastructures
Target Service - Registration The FI-WARE Project – Base Platform for Future Service Infrastructures
Target Service - Credentials The FI-WARE Project – Base Platform for Future Service Infrastructures
Target Service – Add attributes to OAuth Access Token (1/2) The FI-WARE Project – Base Platform for Future Service Infrastructures
Target Service – Add attributes to token (2/2) The FI-WARE Project – Base Platform for Future Service Infrastructures
Client App Registration The FI-WARE Project – Base Platform for Future Service Infrastructures
Recommendations for Client App  For implementation, check the following:  OAuth 2.0 spec (RFC), §4. Obtaining Authorization, §7. Accessing Protected Resources  §5.3 Client App Security of OAuth 2.0 Threat Model and Security Considerations (IETF RFC 6819) for implementation The FI-WARE Project – Base Platform for Future Service Infrastructures
End-User Self Registration The FI-WARE Project – Base Platform for Future Service Infrastructures
OAuth Token Service The FI-WARE Project – Base Platform for Future Service Infrastructures
IdM REST API for managing user attributes  No common API among IdM GEis. SCIM standard proposed.  GCP API samples The FI-WARE Project – Base Platform for Future Service Infrastructures
Thanks ! http://fi-ppp.eu http://fi-ware.eu Follow @FIWARE #FIWARE-AZ on Twitter ! The FI-WARE Project – Base Platform for Future Service Infrastructures 11

Recommended

FI-WARE OAUTH-XACML-based API Access Control - Overview (Part 1)
FI-WARE OAUTH-XACML-based API Access Control - Overview (Part 1)FI-WARE OAUTH-XACML-based API Access Control - Overview (Part 1)
FI-WARE OAUTH-XACML-based API Access Control - Overview (Part 1)cdanger
 
Authentication and single sign on (sso)
Authentication and single sign on (sso)Authentication and single sign on (sso)
Authentication and single sign on (sso)Kumaresh Chandra Baruri
 
KeyRock and Wilma - Openstack-based Identity Management in FIWARE
KeyRock and Wilma - Openstack-based Identity Management in FIWAREKeyRock and Wilma - Openstack-based Identity Management in FIWARE
KeyRock and Wilma - Openstack-based Identity Management in FIWAREÁlvaro Alonso González
 
UMA for ACE
UMA for ACEUMA for ACE
UMA for ACEHannes Tschofenig
 
Securing APIs with oAuth2
Securing APIs with oAuth2Securing APIs with oAuth2
Securing APIs with oAuth2Michae Blakeney
 
Rest API Security - A quick understanding of Rest API Security
Rest API Security - A quick understanding of Rest API SecurityRest API Security - A quick understanding of Rest API Security
Rest API Security - A quick understanding of Rest API SecurityMohammed Fazuluddin
 
Adding identity management and access control to your app
Adding identity management and access control to your appAdding identity management and access control to your app
Adding identity management and access control to your appÁlvaro Alonso González
 
Visio Diagram of a user SSO Flow
Visio Diagram of a user SSO FlowVisio Diagram of a user SSO Flow
Visio Diagram of a user SSO FlowMike Reams
 

Recommended

FI-WARE OAUTH-XACML-based API Access Control - Overview (Part 1)
FI-WARE OAUTH-XACML-based API Access Control - Overview (Part 1)FI-WARE OAUTH-XACML-based API Access Control - Overview (Part 1)
FI-WARE OAUTH-XACML-based API Access Control - Overview (Part 1)cdanger
 
Authentication and single sign on (sso)
Authentication and single sign on (sso)Authentication and single sign on (sso)
Authentication and single sign on (sso)Kumaresh Chandra Baruri
 
KeyRock and Wilma - Openstack-based Identity Management in FIWARE
KeyRock and Wilma - Openstack-based Identity Management in FIWAREKeyRock and Wilma - Openstack-based Identity Management in FIWARE
KeyRock and Wilma - Openstack-based Identity Management in FIWAREÁlvaro Alonso González
 
UMA for ACE
UMA for ACEUMA for ACE
UMA for ACEHannes Tschofenig
 
Securing APIs with oAuth2
Securing APIs with oAuth2Securing APIs with oAuth2
Securing APIs with oAuth2Michae Blakeney
 
Rest API Security - A quick understanding of Rest API Security
Rest API Security - A quick understanding of Rest API SecurityRest API Security - A quick understanding of Rest API Security
Rest API Security - A quick understanding of Rest API SecurityMohammed Fazuluddin
 
Adding identity management and access control to your app
Adding identity management and access control to your appAdding identity management and access control to your app
Adding identity management and access control to your appÁlvaro Alonso González
 
Visio Diagram of a user SSO Flow
Visio Diagram of a user SSO FlowVisio Diagram of a user SSO Flow
Visio Diagram of a user SSO FlowMike Reams
 
Gravitee.io
Gravitee.ioGravitee.io
Gravitee.ioKnoldus Inc.
 
Security in mulesoft
Security in mulesoftSecurity in mulesoft
Security in mulesoftakshay yeluru
 
Security components in mule esb
Security components in mule esbSecurity components in mule esb
Security components in mule esbhimajareddys
 
Sample Template for Single Sign-On (SSO)
Sample Template for Single Sign-On (SSO)Sample Template for Single Sign-On (SSO)
Sample Template for Single Sign-On (SSO)Mike Reams
 
CIS 2015 Extreme OpenID Connect - John Bradley
CIS 2015 Extreme OpenID Connect - John BradleyCIS 2015 Extreme OpenID Connect - John Bradley
CIS 2015 Extreme OpenID Connect - John BradleyCloudIDSummit
 
How to Adapt Authentication and Authorization Infrastructure of Applications ...
How to Adapt Authentication and Authorization Infrastructure of Applications ...How to Adapt Authentication and Authorization Infrastructure of Applications ...
How to Adapt Authentication and Authorization Infrastructure of Applications ...Hoang Tri Vo
 
API Security In Cloud Native Era
API Security In Cloud Native EraAPI Security In Cloud Native Era
API Security In Cloud Native EraWSO2
 
Api security
Api security Api security
Api security teodorcotruta
 
OAuth2 Introduction
OAuth2 IntroductionOAuth2 Introduction
OAuth2 IntroductionArpit Suthar
 
Secure Salesforce: Org Access Controls
Secure Salesforce: Org Access ControlsSecure Salesforce: Org Access Controls
Secure Salesforce: Org Access ControlsSalesforce Developers
 
Deep Dive into OAuth for Connected Apps
Deep Dive into OAuth for Connected AppsDeep Dive into OAuth for Connected Apps
Deep Dive into OAuth for Connected AppsSalesforce Developers
 
Leveraging New Features in CA Single-Sign on to Enable Web Services, Social S...
Leveraging New Features in CA Single-Sign on to Enable Web Services, Social S...Leveraging New Features in CA Single-Sign on to Enable Web Services, Social S...
Leveraging New Features in CA Single-Sign on to Enable Web Services, Social S...CA Technologies
 
Secure Code Warrior - Trust no input
Secure Code Warrior - Trust no inputSecure Code Warrior - Trust no input
Secure Code Warrior - Trust no inputSecure Code Warrior
 
APIdays Paris 2019 : Financial-grade API (FAPI) Security Profile
APIdays Paris 2019 : Financial-grade API (FAPI) Security ProfileAPIdays Paris 2019 : Financial-grade API (FAPI) Security Profile
APIdays Paris 2019 : Financial-grade API (FAPI) Security ProfileHitachi, Ltd. OSS Solution Center.
 
SPS Houston - Who Are You and What Do You Want? Working With OAuth in SharePo...
SPS Houston - Who Are You and What Do You Want? Working With OAuth in SharePo...SPS Houston - Who Are You and What Do You Want? Working With OAuth in SharePo...
SPS Houston - Who Are You and What Do You Want? Working With OAuth in SharePo...Eric Shupps
 
2019 - Nova Code Camp - AuthZ fundamentals with ASP.NET Core
2019 - Nova Code Camp - AuthZ fundamentals with ASP.NET Core2019 - Nova Code Camp - AuthZ fundamentals with ASP.NET Core
2019 - Nova Code Camp - AuthZ fundamentals with ASP.NET CoreVladimir Bychkov
 
Cryptzone: The Software-Defined Perimeter
Cryptzone: The Software-Defined PerimeterCryptzone: The Software-Defined Perimeter
Cryptzone: The Software-Defined PerimeterCryptzone
 
Using ring central call log api
Using ring central call log apiUsing ring central call log api
Using ring central call log apiAnirban Sen Chowdhary
 
Best Practices for API Security
Best Practices for API SecurityBest Practices for API Security
Best Practices for API SecurityMuleSoft
 
Adding Identity Management and Access Control to your Application
Adding Identity Management and Access Control to your ApplicationAdding Identity Management and Access Control to your Application
Adding Identity Management and Access Control to your ApplicationÁlvaro Alonso González
 
Orion context broker webminar 2013 06-19
Orion context broker webminar 2013 06-19Orion context broker webminar 2013 06-19
Orion context broker webminar 2013 06-19Fermin Galan
 
Orion context broker webminar 2013 05-30
Orion context broker webminar 2013 05-30Orion context broker webminar 2013 05-30
Orion context broker webminar 2013 05-30Fermin Galan
 

More Related Content

What's hot

Security in mulesoft
Security in mulesoftSecurity in mulesoft
Security in mulesoftakshay yeluru
 
Security components in mule esb
Security components in mule esbSecurity components in mule esb
Security components in mule esbhimajareddys
 
Sample Template for Single Sign-On (SSO)
Sample Template for Single Sign-On (SSO)Sample Template for Single Sign-On (SSO)
Sample Template for Single Sign-On (SSO)Mike Reams
 
CIS 2015 Extreme OpenID Connect - John Bradley
CIS 2015 Extreme OpenID Connect - John BradleyCIS 2015 Extreme OpenID Connect - John Bradley
CIS 2015 Extreme OpenID Connect - John BradleyCloudIDSummit
 
How to Adapt Authentication and Authorization Infrastructure of Applications ...
How to Adapt Authentication and Authorization Infrastructure of Applications ...How to Adapt Authentication and Authorization Infrastructure of Applications ...
How to Adapt Authentication and Authorization Infrastructure of Applications ...Hoang Tri Vo
 
API Security In Cloud Native Era
API Security In Cloud Native EraAPI Security In Cloud Native Era
API Security In Cloud Native EraWSO2
 
OAuth2 Introduction
OAuth2 IntroductionOAuth2 Introduction
OAuth2 IntroductionArpit Suthar
 
Secure Salesforce: Org Access Controls
Secure Salesforce: Org Access ControlsSecure Salesforce: Org Access Controls
Secure Salesforce: Org Access ControlsSalesforce Developers
 
Deep Dive into OAuth for Connected Apps
Deep Dive into OAuth for Connected AppsDeep Dive into OAuth for Connected Apps
Deep Dive into OAuth for Connected AppsSalesforce Developers
 
Leveraging New Features in CA Single-Sign on to Enable Web Services, Social S...
Leveraging New Features in CA Single-Sign on to Enable Web Services, Social S...Leveraging New Features in CA Single-Sign on to Enable Web Services, Social S...
Leveraging New Features in CA Single-Sign on to Enable Web Services, Social S...CA Technologies
 
Secure Code Warrior - Trust no input
Secure Code Warrior - Trust no inputSecure Code Warrior - Trust no input
Secure Code Warrior - Trust no inputSecure Code Warrior
 
APIdays Paris 2019 : Financial-grade API (FAPI) Security Profile
APIdays Paris 2019 : Financial-grade API (FAPI) Security ProfileAPIdays Paris 2019 : Financial-grade API (FAPI) Security Profile
APIdays Paris 2019 : Financial-grade API (FAPI) Security ProfileHitachi, Ltd. OSS Solution Center.
 
SPS Houston - Who Are You and What Do You Want? Working With OAuth in SharePo...
SPS Houston - Who Are You and What Do You Want? Working With OAuth in SharePo...SPS Houston - Who Are You and What Do You Want? Working With OAuth in SharePo...
SPS Houston - Who Are You and What Do You Want? Working With OAuth in SharePo...Eric Shupps
 
2019 - Nova Code Camp - AuthZ fundamentals with ASP.NET Core
2019 - Nova Code Camp - AuthZ fundamentals with ASP.NET Core2019 - Nova Code Camp - AuthZ fundamentals with ASP.NET Core
2019 - Nova Code Camp - AuthZ fundamentals with ASP.NET CoreVladimir Bychkov
 
Cryptzone: The Software-Defined Perimeter
Cryptzone: The Software-Defined PerimeterCryptzone: The Software-Defined Perimeter
Cryptzone: The Software-Defined PerimeterCryptzone
 
Best Practices for API Security
Best Practices for API SecurityBest Practices for API Security
Best Practices for API SecurityMuleSoft
 
Adding Identity Management and Access Control to your Application
Adding Identity Management and Access Control to your ApplicationAdding Identity Management and Access Control to your Application
Adding Identity Management and Access Control to your ApplicationÁlvaro Alonso González
 

What's hot (20)

Gravitee.io
Gravitee.ioGravitee.io
Gravitee.io
 
Security in mulesoft
Security in mulesoftSecurity in mulesoft
Security in mulesoft
 
Security components in mule esb
Security components in mule esbSecurity components in mule esb
Security components in mule esb
 
Sample Template for Single Sign-On (SSO)
Sample Template for Single Sign-On (SSO)Sample Template for Single Sign-On (SSO)
Sample Template for Single Sign-On (SSO)
 
CIS 2015 Extreme OpenID Connect - John Bradley
CIS 2015 Extreme OpenID Connect - John BradleyCIS 2015 Extreme OpenID Connect - John Bradley
CIS 2015 Extreme OpenID Connect - John Bradley
 
How to Adapt Authentication and Authorization Infrastructure of Applications ...
How to Adapt Authentication and Authorization Infrastructure of Applications ...How to Adapt Authentication and Authorization Infrastructure of Applications ...
How to Adapt Authentication and Authorization Infrastructure of Applications ...
 
API Security In Cloud Native Era
API Security In Cloud Native EraAPI Security In Cloud Native Era
API Security In Cloud Native Era
 
Api security
Api security Api security
Api security
 
OAuth2 Introduction
OAuth2 IntroductionOAuth2 Introduction
OAuth2 Introduction
 
Secure Salesforce: Org Access Controls
Secure Salesforce: Org Access ControlsSecure Salesforce: Org Access Controls
Secure Salesforce: Org Access Controls
 
Deep Dive into OAuth for Connected Apps
Deep Dive into OAuth for Connected AppsDeep Dive into OAuth for Connected Apps
Deep Dive into OAuth for Connected Apps
 
Leveraging New Features in CA Single-Sign on to Enable Web Services, Social S...
Leveraging New Features in CA Single-Sign on to Enable Web Services, Social S...Leveraging New Features in CA Single-Sign on to Enable Web Services, Social S...
Leveraging New Features in CA Single-Sign on to Enable Web Services, Social S...
 
Secure Code Warrior - Trust no input
Secure Code Warrior - Trust no inputSecure Code Warrior - Trust no input
Secure Code Warrior - Trust no input
 
APIdays Paris 2019 : Financial-grade API (FAPI) Security Profile
APIdays Paris 2019 : Financial-grade API (FAPI) Security ProfileAPIdays Paris 2019 : Financial-grade API (FAPI) Security Profile
APIdays Paris 2019 : Financial-grade API (FAPI) Security Profile
 
SPS Houston - Who Are You and What Do You Want? Working With OAuth in SharePo...
SPS Houston - Who Are You and What Do You Want? Working With OAuth in SharePo...SPS Houston - Who Are You and What Do You Want? Working With OAuth in SharePo...
SPS Houston - Who Are You and What Do You Want? Working With OAuth in SharePo...
 
2019 - Nova Code Camp - AuthZ fundamentals with ASP.NET Core
2019 - Nova Code Camp - AuthZ fundamentals with ASP.NET Core2019 - Nova Code Camp - AuthZ fundamentals with ASP.NET Core
2019 - Nova Code Camp - AuthZ fundamentals with ASP.NET Core
 
Cryptzone: The Software-Defined Perimeter
Cryptzone: The Software-Defined PerimeterCryptzone: The Software-Defined Perimeter
Cryptzone: The Software-Defined Perimeter
 
Using ring central call log api
Using ring central call log apiUsing ring central call log api
Using ring central call log api
 
Best Practices for API Security
Best Practices for API SecurityBest Practices for API Security
Best Practices for API Security
 
Adding Identity Management and Access Control to your Application
Adding Identity Management and Access Control to your ApplicationAdding Identity Management and Access Control to your Application
Adding Identity Management and Access Control to your Application
 

Similar to FI-WARE Access Control GE (Part 3) – IdM OAuth Setup & Interfaces

Orion context broker webminar 2013 06-19
Orion context broker webminar 2013 06-19Orion context broker webminar 2013 06-19
Orion context broker webminar 2013 06-19Fermin Galan
 
Orion context broker webminar 2013 05-30
Orion context broker webminar 2013 05-30Orion context broker webminar 2013 05-30
Orion context broker webminar 2013 05-30Fermin Galan
 
APIdays Paris 2019 - What are protected and secured by security requirements ...
APIdays Paris 2019 - What are protected and secured by security requirements ...APIdays Paris 2019 - What are protected and secured by security requirements ...
APIdays Paris 2019 - What are protected and secured by security requirements ...apidays
 
apidays Paris 2022 - Securing APIs in Open Banking, Takashi Norimatsu, Hitachi
apidays Paris 2022 - Securing APIs in Open Banking, Takashi Norimatsu, Hitachiapidays Paris 2022 - Securing APIs in Open Banking, Takashi Norimatsu, Hitachi
apidays Paris 2022 - Securing APIs in Open Banking, Takashi Norimatsu, Hitachiapidays
 
FIWARE Global Summit - Identity Management and Access Control
FIWARE Global Summit - Identity Management and Access ControlFIWARE Global Summit - Identity Management and Access Control
FIWARE Global Summit - Identity Management and Access ControlFIWARE
 
Fido uaf-overview-v1.1-rd-20161005
Fido uaf-overview-v1.1-rd-20161005Fido uaf-overview-v1.1-rd-20161005
Fido uaf-overview-v1.1-rd-20161005Jaime Ruiz
 
Attacks-From-a-New-Front-Door-in-4G-5G-Mobile-Networks.pdf
Attacks-From-a-New-Front-Door-in-4G-5G-Mobile-Networks.pdfAttacks-From-a-New-Front-Door-in-4G-5G-Mobile-Networks.pdf
Attacks-From-a-New-Front-Door-in-4G-5G-Mobile-Networks.pdfssuser8b461f
 
MS TechDays 2011 - WCF Web APis There's a URI for That
MS TechDays 2011 - WCF Web APis There's a URI for ThatMS TechDays 2011 - WCF Web APis There's a URI for That
MS TechDays 2011 - WCF Web APis There's a URI for ThatSpiffy
 
Summit 16: Open-O Mini-Summit - VF Event Streaming Project Proposal
Summit 16: Open-O Mini-Summit - VF Event Streaming Project ProposalSummit 16: Open-O Mini-Summit - VF Event Streaming Project Proposal
Summit 16: Open-O Mini-Summit - VF Event Streaming Project ProposalOPNFV
 
APIdays London 2020: Toward certifying Financial-grade API security profile w...
APIdays London 2020: Toward certifying Financial-grade API security profile w...APIdays London 2020: Toward certifying Financial-grade API security profile w...
APIdays London 2020: Toward certifying Financial-grade API security profile w...Hitachi, Ltd. OSS Solution Center.
 
FIWARE Global Summit - Identity Management and Access Control
FIWARE Global Summit - Identity Management and Access ControlFIWARE Global Summit - Identity Management and Access Control
FIWARE Global Summit - Identity Management and Access ControlFIWARE
 
FIWARE IoT Proposal & Community
FIWARE IoT Proposal & CommunityFIWARE IoT Proposal & Community
FIWARE IoT Proposal & CommunityFIWARE
 
An Authentication and Authorization Architecture for a Microservices World
An Authentication and Authorization Architecture for a Microservices WorldAn Authentication and Authorization Architecture for a Microservices World
An Authentication and Authorization Architecture for a Microservices WorldVMware Tanzu
 
FIWARE Overview of Generic Enablers
FIWARE Overview of Generic EnablersFIWARE Overview of Generic Enablers
FIWARE Overview of Generic EnablersMiguel González
 
[WSO2Con EU 2017] Building Smart, Connected Products with WSO2 IoT Platform
[WSO2Con EU 2017] Building Smart, Connected Products with WSO2 IoT Platform[WSO2Con EU 2017] Building Smart, Connected Products with WSO2 IoT Platform
[WSO2Con EU 2017] Building Smart, Connected Products with WSO2 IoT PlatformWSO2
 
Secure Elements in Web Applications
Secure Elements in Web ApplicationsSecure Elements in Web Applications
Secure Elements in Web ApplicationsOlivier Potonniée
 

Similar to FI-WARE Access Control GE (Part 3) – IdM OAuth Setup & Interfaces (20)

Orion context broker webminar 2013 06-19
Orion context broker webminar 2013 06-19Orion context broker webminar 2013 06-19
Orion context broker webminar 2013 06-19
 
Orion context broker webminar 2013 05-30
Orion context broker webminar 2013 05-30Orion context broker webminar 2013 05-30
Orion context broker webminar 2013 05-30
 
Chefrecipesin fi ware
Chefrecipesin fi wareChefrecipesin fi ware
Chefrecipesin fi ware
 
APIdays Paris 2019 - What are protected and secured by security requirements ...
APIdays Paris 2019 - What are protected and secured by security requirements ...APIdays Paris 2019 - What are protected and secured by security requirements ...
APIdays Paris 2019 - What are protected and secured by security requirements ...
 
KubeConRecap_nakamura.pdf
KubeConRecap_nakamura.pdfKubeConRecap_nakamura.pdf
KubeConRecap_nakamura.pdf
 
apidays Paris 2022 - Securing APIs in Open Banking, Takashi Norimatsu, Hitachi
apidays Paris 2022 - Securing APIs in Open Banking, Takashi Norimatsu, Hitachiapidays Paris 2022 - Securing APIs in Open Banking, Takashi Norimatsu, Hitachi
apidays Paris 2022 - Securing APIs in Open Banking, Takashi Norimatsu, Hitachi
 
FIWARE Global Summit - Identity Management and Access Control
FIWARE Global Summit - Identity Management and Access ControlFIWARE Global Summit - Identity Management and Access Control
FIWARE Global Summit - Identity Management and Access Control
 
Fido uaf-overview-v1.1-rd-20161005
Fido uaf-overview-v1.1-rd-20161005Fido uaf-overview-v1.1-rd-20161005
Fido uaf-overview-v1.1-rd-20161005
 
Attacks-From-a-New-Front-Door-in-4G-5G-Mobile-Networks.pdf
Attacks-From-a-New-Front-Door-in-4G-5G-Mobile-Networks.pdfAttacks-From-a-New-Front-Door-in-4G-5G-Mobile-Networks.pdf
Attacks-From-a-New-Front-Door-in-4G-5G-Mobile-Networks.pdf
 
MS TechDays 2011 - WCF Web APis There's a URI for That
MS TechDays 2011 - WCF Web APis There's a URI for ThatMS TechDays 2011 - WCF Web APis There's a URI for That
MS TechDays 2011 - WCF Web APis There's a URI for That
 
Summit 16: Open-O Mini-Summit - VF Event Streaming Project Proposal
Summit 16: Open-O Mini-Summit - VF Event Streaming Project ProposalSummit 16: Open-O Mini-Summit - VF Event Streaming Project Proposal
Summit 16: Open-O Mini-Summit - VF Event Streaming Project Proposal
 
APIdays London 2020: Toward certifying Financial-grade API security profile w...
APIdays London 2020: Toward certifying Financial-grade API security profile w...APIdays London 2020: Toward certifying Financial-grade API security profile w...
APIdays London 2020: Toward certifying Financial-grade API security profile w...
 
FIWARE Global Summit - Identity Management and Access Control
FIWARE Global Summit - Identity Management and Access ControlFIWARE Global Summit - Identity Management and Access Control
FIWARE Global Summit - Identity Management and Access Control
 
FIWARE IoT Proposal & Community
FIWARE IoT Proposal & CommunityFIWARE IoT Proposal & Community
FIWARE IoT Proposal & Community
 
An Authentication and Authorization Architecture for a Microservices World
An Authentication and Authorization Architecture for a Microservices WorldAn Authentication and Authorization Architecture for a Microservices World
An Authentication and Authorization Architecture for a Microservices World
 
FIWARE Generic Enablers introduction
FIWARE Generic Enablers introductionFIWARE Generic Enablers introduction
FIWARE Generic Enablers introduction
 
FIWARE Overview of Generic Enablers
FIWARE Overview of Generic EnablersFIWARE Overview of Generic Enablers
FIWARE Overview of Generic Enablers
 
[WSO2Con EU 2017] Building Smart, Connected Products with WSO2 IoT Platform
[WSO2Con EU 2017] Building Smart, Connected Products with WSO2 IoT Platform[WSO2Con EU 2017] Building Smart, Connected Products with WSO2 IoT Platform
[WSO2Con EU 2017] Building Smart, Connected Products with WSO2 IoT Platform
 
La monetizzazione delle API
La monetizzazione delle APILa monetizzazione delle API
La monetizzazione delle API
 
Secure Elements in Web Applications
Secure Elements in Web ApplicationsSecure Elements in Web Applications
Secure Elements in Web Applications
 

Recently uploaded

Building Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
Building Real-Time Data Pipelines: Stream & Batch Processing workshop SlideBuilding Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
Building Real-Time Data Pipelines: Stream & Batch Processing workshop SlideChristina Lin
 
HR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.comHR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.comFatema Valibhai
 
Salesforce Certified Field Service Consultant
Salesforce Certified Field Service ConsultantSalesforce Certified Field Service Consultant
Salesforce Certified Field Service ConsultantAxelRicardoTrocheRiq
 
Optimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTVOptimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTVshikhaohhpro
 
Cloud Management Software Platforms: OpenStack
Cloud Management Software Platforms: OpenStackCloud Management Software Platforms: OpenStack
Cloud Management Software Platforms: OpenStackVICTOR MAESTRE RAMIREZ
 
Engage Usergroup 2024 - The Good The Bad_The Ugly
Engage Usergroup 2024 - The Good The Bad_The UglyEngage Usergroup 2024 - The Good The Bad_The Ugly
Engage Usergroup 2024 - The Good The Bad_The UglyFrank van der Linden
 
DNT_Corporate presentation know about us
DNT_Corporate presentation know about usDNT_Corporate presentation know about us
DNT_Corporate presentation know about usDynamic Netsoft
 
XpertSolvers: Your Partner in Building Innovative Software Solutions
XpertSolvers: Your Partner in Building Innovative Software SolutionsXpertSolvers: Your Partner in Building Innovative Software Solutions
XpertSolvers: Your Partner in Building Innovative Software SolutionsMehedi Hasan Shohan
 
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASE
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASEBATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASE
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASEOrtus Solutions, Corp
 
ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...
ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...
ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...Christina Lin
 
The Evolution of Karaoke From Analog to App.pdf
The Evolution of Karaoke From Analog to App.pdfThe Evolution of Karaoke From Analog to App.pdf
The Evolution of Karaoke From Analog to App.pdfPower Karaoke
 
Alluxio Monthly Webinar | Cloud-Native Model Training on Distributed Data
Alluxio Monthly Webinar | Cloud-Native Model Training on Distributed DataAlluxio Monthly Webinar | Cloud-Native Model Training on Distributed Data
Alluxio Monthly Webinar | Cloud-Native Model Training on Distributed DataAlluxio, Inc.
 
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...gurkirankumar98700
 
Unveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time ApplicationsUnveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time ApplicationsAlberto González Trastoy
 
Call Girls in Naraina Delhi 💯Call Us 🔝8264348440🔝
Call Girls in Naraina Delhi 💯Call Us 🔝8264348440🔝Call Girls in Naraina Delhi 💯Call Us 🔝8264348440🔝
Call Girls in Naraina Delhi 💯Call Us 🔝8264348440🔝soniya singh
 
Unit 1.1 Excite Part 1, class 9, cbse...
Unit 1.1 Excite Part 1, class 9, cbse...Unit 1.1 Excite Part 1, class 9, cbse...
Unit 1.1 Excite Part 1, class 9, cbse...aditisharan08
 
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...ICS
 
Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...
Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...
Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...stazi3110
 
Project Based Learning (A.I).pptx detail explanation
Project Based Learning (A.I).pptx detail explanationProject Based Learning (A.I).pptx detail explanation
Project Based Learning (A.I).pptx detail explanationkaushalgiri8080
 
What is Binary Language? Computer Number Systems
What is Binary Language? Computer Number SystemsWhat is Binary Language? Computer Number Systems
What is Binary Language? Computer Number SystemsJheuzeDellosa
 

Recently uploaded (20)

Building Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
Building Real-Time Data Pipelines: Stream & Batch Processing workshop SlideBuilding Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
Building Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
 
HR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.comHR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.com
 
Salesforce Certified Field Service Consultant
Salesforce Certified Field Service ConsultantSalesforce Certified Field Service Consultant
Salesforce Certified Field Service Consultant
 
Optimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTVOptimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTV
 
Cloud Management Software Platforms: OpenStack
Cloud Management Software Platforms: OpenStackCloud Management Software Platforms: OpenStack
Cloud Management Software Platforms: OpenStack
 
Engage Usergroup 2024 - The Good The Bad_The Ugly
Engage Usergroup 2024 - The Good The Bad_The UglyEngage Usergroup 2024 - The Good The Bad_The Ugly
Engage Usergroup 2024 - The Good The Bad_The Ugly
 
DNT_Corporate presentation know about us
DNT_Corporate presentation know about usDNT_Corporate presentation know about us
DNT_Corporate presentation know about us
 
XpertSolvers: Your Partner in Building Innovative Software Solutions
XpertSolvers: Your Partner in Building Innovative Software SolutionsXpertSolvers: Your Partner in Building Innovative Software Solutions
XpertSolvers: Your Partner in Building Innovative Software Solutions
 
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASE
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASEBATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASE
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASE
 
ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...
ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...
ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...
 
The Evolution of Karaoke From Analog to App.pdf
The Evolution of Karaoke From Analog to App.pdfThe Evolution of Karaoke From Analog to App.pdf
The Evolution of Karaoke From Analog to App.pdf
 
Alluxio Monthly Webinar | Cloud-Native Model Training on Distributed Data
Alluxio Monthly Webinar | Cloud-Native Model Training on Distributed DataAlluxio Monthly Webinar | Cloud-Native Model Training on Distributed Data
Alluxio Monthly Webinar | Cloud-Native Model Training on Distributed Data
 
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...
 
Unveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time ApplicationsUnveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
 
Call Girls in Naraina Delhi 💯Call Us 🔝8264348440🔝
Call Girls in Naraina Delhi 💯Call Us 🔝8264348440🔝Call Girls in Naraina Delhi 💯Call Us 🔝8264348440🔝
Call Girls in Naraina Delhi 💯Call Us 🔝8264348440🔝
 
Unit 1.1 Excite Part 1, class 9, cbse...
Unit 1.1 Excite Part 1, class 9, cbse...Unit 1.1 Excite Part 1, class 9, cbse...
Unit 1.1 Excite Part 1, class 9, cbse...
 
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
 
Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...
Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...
Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...
 
Project Based Learning (A.I).pptx detail explanation
Project Based Learning (A.I).pptx detail explanationProject Based Learning (A.I).pptx detail explanation
Project Based Learning (A.I).pptx detail explanation
 
What is Binary Language? Computer Number Systems
What is Binary Language? Computer Number SystemsWhat is Binary Language? Computer Number Systems
What is Binary Language? Computer Number Systems
 

FI-WARE Access Control GE (Part 3) – IdM OAuth Setup & Interfaces

  • 1. Follow @FIWARE #FIWARE-AZ on Twitter ! The FI-WARE Project – Base Platform for Future Service Infrastructures FI-WARE Access Control GE Part 3 – IdM OAuth Setup & Interfaces Cyril DANGERVILLE, Thales FI-WARE / WP8 / T8.2 fiware-api-cross@lists.fi-ware.eu
  • 2. IdM OAuth Setup Steps 1. IdM GE steps (contact: DT (W. Steigerwald), NSN (R. Seidl)) 1. Request new instance (OAuth only in R2.3.3 for NSN One-IDM) 2. Connect to the IdM Admin UI and register the following: 1. Target service (OAuth Resource Server) 2. Client App (OAuth Client) 3. End-users (OAuth Resource Owners) 3. Check the OAuth Token Service 4. Set custom user attributes with the REST API The FI-WARE Project – Base Platform for Future Service Infrastructures
  • 3. Target Service - Registration The FI-WARE Project – Base Platform for Future Service Infrastructures
  • 4. Target Service - Credentials The FI-WARE Project – Base Platform for Future Service Infrastructures
  • 5. Target Service – Add attributes to OAuth Access Token (1/2) The FI-WARE Project – Base Platform for Future Service Infrastructures
  • 6. Target Service – Add attributes to token (2/2) The FI-WARE Project – Base Platform for Future Service Infrastructures
  • 7. Client App Registration The FI-WARE Project – Base Platform for Future Service Infrastructures
  • 8. Recommendations for Client App  For implementation, check the following:  OAuth 2.0 spec (RFC), §4. Obtaining Authorization, §7. Accessing Protected Resources  §5.3 Client App Security of OAuth 2.0 Threat Model and Security Considerations (IETF RFC 6819) for implementation The FI-WARE Project – Base Platform for Future Service Infrastructures
  • 9. End-User Self Registration The FI-WARE Project – Base Platform for Future Service Infrastructures
  • 10. OAuth Token Service The FI-WARE Project – Base Platform for Future Service Infrastructures
  • 11. IdM REST API for managing user attributes  No common API among IdM GEis. SCIM standard proposed.  GCP API samples The FI-WARE Project – Base Platform for Future Service Infrastructures
  • 12. Thanks ! http://fi-ppp.eu http://fi-ware.eu Follow @FIWARE #FIWARE-AZ on Twitter ! The FI-WARE Project – Base Platform for Future Service Infrastructures 11