In Enterprise Application Access (EAA) authentication, an identity is a set of attributes which describe a user. These digital identities are stored in a directory. For directory types see Directories. For more information about attributes see User attributes.
Identity providers (IdPs) offer user authentication as a service. They create, maintain, and manage identity information for principals (typically a user) in a cloud. Some IdPs can act as the directory and others can delegate authentication back to the Active Directory (AD) or LDAP. IdPs provide authentication to applications within a federated or distributed network.
You can grant a user an identity provider administrator role to configure identity providers or a custom administrator role to manage the administration tasks for multiple resources with roled-based access control in Akamai Control Center.
IdPs use SAML, a federated identity protocol that enables web browser single sign-on (SSO), to securely exchange identity information between two autonomous entities.
The primary use case for IdPs is SSO authentication. Additional security such as two factor authentication (2FA), or multi-factor authentication (MFA), can be layered on top of the SSO authentication.
Updated about 1 year ago