INDIGO Identity and Access Management (IAM)

Identity and Access Management Service

Provided by:
Italian National Institute of Nuclear Physics
Scientific domain:
Generic
Dedicated for:
Providers, Other, Research Communities, Research Projects
(0.0 /5) 0 reviews
Access the resource Order required
PowerFit web portal
Finding Anisotropy Tensor
SpotOn
HADDOCK Web Portal
DisVis web portal

The INDIGO Identity and Access Management Service (IAM) provides user identity and policy information to services so that consistent authorization decisions can be enforced across distributed services. IAM provides a layer where identities, enrollment, group membership and other attributes and authorization policies on distributed resources can be managed in a homogeneous way, supporting identity federations and various authentication mechanisms (X.509 certificates and social logins). The IAM service has been successfully integrated with many off-the-shelf components like Openstack, Kubernetes, Atlassian JIRA and Confluence, Grafana and with key Grid computing middleware services (FTS, dCache, StoRM). ## Functions * Authentication: The IAM supports authentication via SAML IdPs or identity federations, OpenID Connect providers and X.509 certificates. * Enrollment: The IAM provides enrollment and registration functionalities, so that users can join groups/collaborations according to well-defined flows. * Attribute and identity management: The IAM provides services to manage group membership, attributes assignment and account linking functionality. * User provisioning: the IAM provides endpoints to provision information about users identities to other services, so that consistent local account provisioning, for example, can be implemented. ## Service access options * IAM as a service INFN provides IAM as a service to partner research communities. In this scenario, a dedicated IAM instance is deployed on the INFN infrastructure and configured according to the community needs. INFN takes care of keeping the service operational and up-to-date, while administrative control on the IAM instance is granted to the community. For more information on how to access IAM as a service, check the service website.

Scientific categorisation
Generic
  • Generic
    • Generic
Categorisation
  • Security & Identity
    • Other
Target users
  • Providers
  • Other
  • Research Communities
  • Research Projects
Resource availability and languages
  • English
More about INDIGO Identity and Access Management (IAM)

The EOSC Portal is operated by the EOSC Enhance (Grant Agreement no. 871160), EOSC-hub (Grant Agreement no. 777536), and OpenAIRE-Advance (Grant Agreement no. 777541) projects funded by the European Union’s Horizon 2020 research and innovation programme.For a complete list of contributors, visit the About EOSC Portal