INDIGO Identity and Access Management (IAM)

Identity and Access Management Service

Provided by:
INFN
Research area:
Interdisciplinary
Dedicated for:
Research organisations, Business, Research group, Providers
(0.0 /5) 0 reviews

The INDIGO Identity and Access Management Service (IAM) provides user identity and policy information to services so that consistent authorization decisions can be enforced across distributed services.

IAM provides a layer where identities, enrollment, group membership and other attributes and authorization policies on distributed resources can be managed in a homogeneous way, supporting identity federations and various authentication mechanisms (X.509 certificates and social logins).

The IAM service has been successfully integrated with many off-the-shelf components like Openstack, Kubernetes, Atlassian JIRA and Confluence, Grafana and with key Grid computing middleware services (FTS, dCache, StoRM).

Functions

  • Authentication: The IAM supports authentication via SAML IdPs or identity federations, OpenID Connect providers and X.509 certificates.
  • Enrollment: The IAM provides enrollment and registration functionalities, so that users can join groups/collaborations according to well-defined flows.
  • Attribute and identity management: The IAM provides services to manage group membership, attributes assignment and account linking functionality.
  • User provisioning: the IAM provides endpoints to provision information about users identities to other services, so that consistent local account provisioning, for example, can be implemented.

Service access options

  • IAM as a service

INFN provides IAM as a service to partner research communities. In this scenario, a dedicated IAM instance is deployed on the INFN infrastructure and configured according to the community needs. INFN takes care of keeping the service operational and up-to-date, while administrative control on the IAM instance is granted to the community. For more information on how to access IAM as a service, check the service website.

Places and languages
  • World
  • En
Service Availability
Links
Documents
Service phase
  • Production
Last Update
  • 12.08.2020

The EOSC portal is been jointly developed and maintained by the EOSC-hub, eInfraCentral and OpenAIRE-Advance projects funded by the European

Union’s Horizon 2020 research and innovation programme with contribution of the European Commission

2018 EOSC Portal