Identity and identity providers (IdPs)

In Enterprise Application Access (EAA) authentication, an identity is a set of attributes that describe a user. These digital identities are stored in a directory. For directory types, see Directories. For more information about attributes, see User attributes.

Identity providers (IdPs) offer user authentication as a service. They create, maintain, and manage identity information for principals (typically users) in a cloud. Some IdPs can act as the directory, and others can delegate authentication back to Active Directory (AD) or LDAP. IdPs provide authentication to applications within a federated or distributed network.

You can grant a user an identity provider administrator role to configure identity providers, or a custom administrator role to manage the administration tasks for multiple resources with role-based access control in Akamai Control Center.

IdPs use SAML, a federated identity protocol that enables web browser single sign-on (SSO), to securely exchange identity information between two autonomous entities.

The primary use case for IdPs is SSO authentication. Additional security, such as two-factor authentication (2FA) or multi-factor authentication (MFA), can be layered on top of the SSO authentication.

Next, see SAML and add a new identity provider.