Questions tagged [identity-management]

broad term used for authentication and authorization systems

This term is broadly used to cover issues such as how users are given an identity, the protection of that identity, and the technologies supporting that protection (e.g., network protocols, digital certificates, passwords, etc.).

286 questions
65 votes, 4 answers

How can I allow a Group to assume a Role?

How can I allow all members of a Group to assume a Role in AWS IAM? I tried using the following statement, but as specified in AWS IAM Principal Element, a Group cannot be a Principal. I want to achieve something like below: { "Version":…
Rentrop
9 votes, 4 answers

ForgeRock Identity Management Solution vs. WSO2 Identity Server

I'm trying to choose one of the ForgeRock identity management solution (OpenAM, OpenIDM) and WSO2 Identity Server for implementing an Identity and Access Management solution. I'm interested in using the following features: Single Sign-On (SSO) Policy based…
Abdul
5 votes, 1 answer

How to programmatically get provisioning resources with OIM 11g client API

I'm using the Oracle OIM 11g API (in packages oracle.iam). I use the class oracle.iam.platform.OIMClient to get all the OIM client services like UserManager. I need to find the resources got with the provisioning workflows. Which service can I use?…
Fabio Strocco
4 votes, 2 answers

SP-initiated SAML SSO authentication

I am working on SP-initiated SAML SSO and it is completely new to me. I have gone through lots of articles and videos (Wikipedia, Centrify chalktalk, Medium posts) but I am not able to understand some of the things: Is the SAML assertion the SAML…
4 votes, 1 answer

How to add custom capabilities for Admin Roles in OIM 11G R2 PS3

We have a scenario where we have to assign partial Admin Roles for a few users in OIM 11G R2 PS3. The OOTB capabilities that are available in OIM do not meet the requirements. I would like to know if there is any way to add custom capabilities…
3 votes, 1 answer

Fiware: How to restrict user access to specific entity for Orion Context Broker API using keystone & keypass

First of all, I'm using the Telefonica implementations of Identity Manager, Authorization PDP and PEP Proxy, instead of the Fiware reference implementations which are Keyrock, AuthZForce and Wilma PEP Proxy. The source code and reference…
Emiliano Viotti
3 votes, 0 answers

How can I change user roles dynamically using identity management (ASP.NET)?

[Authorize(Roles = "dynamic role")] Is there any way to do that using the Authorize attribute?
2 votes, 1 answer

Issue when using the following namespace Microsoft.IdentityModel.Clients.ActiveDirectory

I am getting the following error when trying to load the following namespace Microsoft.IdentityModel.Clients.ActiveDirectory Error - The type or namespace IdentityModel does not exist in the namespace Microsoft. Running on .NET Framework…
2 votes, 2 answers

Not able to delete cloud composer environment

When trying to delete my cloud composer environment it gets stuck complaining about insufficient permissions. I have deleted the storage bucket, GKE cluster and the deployment according to this post: Cannot delete Cloud Composer environment And the…
2 votes, 0 answers

Identity Broker vs. Federation Gateway

I am trying to understand the differences between Identity Broker and Federation Gateway and where and when you should use these two services. Thanks for all kinds of advice.
2 votes, 1 answer

Which roles enable a user in a Keycloak Realm to use the Admin-REST-API?

Which roles / configuration are needed for a user that is not in the master realm to effectively use the Keycloak 15 Admin REST API? We are successfully using an account that is assigned the realm-admin role in the realm-management client to get a…
2 votes, 1 answer

Does / can Alexa replace its generated UserId for a linked user?

We have an application utilizing Alexa skill with account linking for user details. According to Alexa's account linking documentation: Our skill is set up for Account Linking which in turn refers to a 3rd party (or it could be internal) Identity…
2 votes, 1 answer

Identity management

I hear a lot about Identity Management and frameworks offering IDM. But what exactly is it? What are the differences when compared to PKI? Why are the companies providing IDM solutions so much in an advantage? Is it finally not something that…
paweloque
2 votes, 1 answer

Profile Management with Identity Server

So from what I have read on IdentityServer I should be storing details about the user such as first name and last name inside claims. How would a web application then be able to access the claim information? Since the User Info endpoint requires a…
jonmeyer
2 votes, 1 answer

How to configure a time-limited user client access in Keycloak?

We have to configure a time-limited access per user and per client in Keycloak. E.g. User a should have access to Confluence from 2017-11-06 until 2018-11-06. We configured a time-based policy in the Keycloak admin console and checked successfully…