The document outlines requirements for building a scalable identity provider (IDP) that is OIDC-capable, with arbitrary availability and scalability, and an extensible architecture. It discusses considerations for defining availability, security by design, OIDC concepts, and taking a system, domain, and application view of scalability. Key ingredients include deploying the IDP across multiple locations using containers, Red Hat SSO, ELK for logging, HAProxy for load balancing, Terraform for infrastructure as code, and a dedicated user repository.

1. Case Study: Scalable IDP
George Georgovassilis
Consulting Digitalisation
@blog.georgovassilis.com

2. blog.georgovassilis.com2
Hi! I’m George
International business consulting (APAC, BeNeLux, DACH, EMEA)
Helping organisations on their digitalisation journey
Accenture, Allianz and Max Planck alumn
TOGAF, Scrum, Design thinking practitioner

3. blog.georgovassilis.com3
Requirements
- OIDC-capable IDP
- Arbitrary availability & scalability
- Extensible architecture
- Security

4. blog.georgovassilis.com4
Considerations
- Availability definition
- system vs function
- user vs resource
- Availability constrained by infrastructure
- Security by design and operations
- OIDC notions

5. blog.georgovassilis.com5
Scalability 101

6. blog.georgovassilis.com6
System view

7. blog.georgovassilis.com7
Domain view

8. blog.georgovassilis.com8
Application view

9. blog.georgovassilis.com9
Oauth2 authentication flow

10. blog.georgovassilis.com10
Ingredients
- Multiple locations
- Container runtime
- Redhat SSO
- ELK
- Haproxy
- Terraform
- Dedicated user repository for mgmt