FI-WARE Access Control GE (Part 3) – IdM OAuth Setup & Interfaces
1. Follow @FIWARE #FIWARE-AZ on Twitter !
The FI-WARE Project – Base Platform for Future
Service Infrastructures
FI-WARE Access Control GE
Part 3 – IdM OAuth Setup & Interfaces
Cyril DANGERVILLE, Thales
FI-WARE / WP8 / T8.2
fiware-api-cross@lists.fi-ware.eu
2. IdM OAuth Setup Steps
1. IdM GE steps (contact: DT (W. Steigerwald), NSN (R. Seidl))
1. Request new instance (OAuth only in R2.3.3 for NSN One-IDM)
2. Connect to the IdM Admin UI and register the following:
1. Target service (OAuth Resource Server)
2. Client App (OAuth Client)
3. End-users (OAuth Resource Owners)
3. Check the OAuth Token Service
4. Set custom user attributes with the REST API
The FI-WARE Project – Base Platform for Future
Service Infrastructures
3. Target Service - Registration
The FI-WARE Project – Base Platform for Future
Service Infrastructures
4. Target Service - Credentials
The FI-WARE Project – Base Platform for Future
Service Infrastructures
5. Target Service – Add attributes to OAuth
Access Token (1/2)
The FI-WARE Project – Base Platform for Future
Service Infrastructures
6. Target Service – Add attributes to token (2/2)
The FI-WARE Project – Base Platform for Future
Service Infrastructures
7. Client App Registration
The FI-WARE Project – Base Platform for Future
Service Infrastructures
8. Recommendations for Client App
For implementation, check the following:
OAuth 2.0 spec (RFC), §4. Obtaining Authorization, §7. Accessing
Protected Resources
§5.3 Client App Security of OAuth 2.0 Threat Model and Security
Considerations (IETF RFC 6819) for implementation
The FI-WARE Project – Base Platform for Future
Service Infrastructures
10. OAuth Token Service
The FI-WARE Project – Base Platform for Future
Service Infrastructures
11. IdM REST API for managing user attributes
No common API among IdM GEis. SCIM standard proposed.
GCP API samples
The FI-WARE Project – Base Platform for Future
Service Infrastructures
12. Thanks !
http://fi-ppp.eu
http://fi-ware.eu
Follow @FIWARE #FIWARE-AZ on Twitter !
The FI-WARE Project – Base Platform for Future
Service Infrastructures
11