Identity Provider (IdP)

A service that creates, maintains, and manages identity information while providing authentication services to applications and systems.

Also known as: IdP, Identity Service

What is an Identity Provider?

An Identity Provider (IdP) is a service that stores and manages digital identities. It authenticates users and provides authentication tokens to service providers, enabling Single Sign-On (SSO) and centralized identity management.

Core Functions

Identity Management

  • User provisioning
  • Profile management
  • Group management
  • Lifecycle management

Authentication

  • Credential verification
  • Multi-factor authentication
  • Password management
  • Passwordless options

Token Issuance

  • SAML assertions
  • OAuth tokens
  • OIDC ID tokens
  • JWT creation

IdP vs. Service Provider

Identity Provider            Service Provider
Authenticates users          Relies on IdP
Issues tokens                Validates tokens
Manages identities           Consumes identity
Examples: Okta, Azure AD     Examples: Salesforce, Slack
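The split in the table above (IdP issues tokens, SP validates them) in working code, as an added example that is not part of the original glossary entry: a minimal OIDC-style ID token is minted on the IdP side and checked on the SP side for signature, algorithm, issuer, audience and expiry. It assumes HS256 with a constructed shared secret so it runs with the standard library only; a real IdP would sign with an asymmetric key published through its JWKS endpoint, and the issuer URL and client ID below are placeholders.

```python
import base64
import hashlib
import hmac
import json

# Constructed demo values (assumptions, not from the page). A real OIDC IdP
# would sign with an asymmetric key published via its JWKS endpoint.
IDP_SECRET = b"constructed-demo-shared-secret"
IDP_ISSUER = "https://idp.example.com"
SP_CLIENT_ID = "sp-client-123"

def b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def idp_issue_id_token(subject: str, now: int, ttl: int = 300,
                       audience: str = SP_CLIENT_ID) -> str:
    """IdP side: after authenticating the user, mint a signed ID token."""
    header = json.dumps({"alg": "HS256", "typ": "JWT"}, separators=(",", ":"))
    claims = json.dumps({"iss": IDP_ISSUER, "sub": subject, "aud": audience,
                         "iat": now, "exp": now + ttl}, separators=(",", ":"))
    signing_input = b64url(header.encode()) + "." + b64url(claims.encode())
    sig = hmac.new(IDP_SECRET, signing_input.encode(), hashlib.sha256).digest()
    return signing_input + "." + b64url(sig)

def sp_validate_id_token(token: str, now: int) -> dict:
    """SP side: reject the token unless alg, signature, iss, aud and exp all check out."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("malformed token")
    header_b64, claims_b64, sig_b64 = parts
    header = json.loads(b64url_decode(header_b64))
    if header.get("alg") != "HS256":  # pin the algorithm; never accept 'none'
        raise ValueError("unexpected alg")
    expected = hmac.new(IDP_SECRET, f"{header_b64}.{claims_b64}".encode(),
                        hashlib.sha256).digest()
    if not hmac.compare_digest(expected, b64url_decode(sig_b64)):
        raise ValueError("bad signature")
    claims = json.loads(b64url_decode(claims_b64))  # trusted only after the signature check
    if claims.get("iss") != IDP_ISSUER:
        raise ValueError("wrong issuer")
    if claims.get("aud") != SP_CLIENT_ID:
        raise ValueError("token not issued for this service provider")
    if now >= int(claims.get("exp", 0)):
        raise ValueError("token expired")
    return claims
```

The order of checks matters: the claims are parsed only after the signature has verified, so a forged payload never influences which issuer or audience the SP compares against.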

Common IdP Solutions

Enterprise

  • Microsoft Entra ID (Azure AD)
  • Okta
  • Ping Identity
  • OneLogin

Consumer/Developer

  • Auth0
  • Google Identity
  • AWS Cognito
  • Firebase Auth

Open Source

  • Keycloak
  • Gluu
  • FreeIPA

Protocols Supported

  • SAML 2.0
  • OAuth 2.0
  • OpenID Connect (OIDC)
  • LDAP
  • SCIM (provisioning)

Selection Criteria

  • Protocol support
  • MFA capabilities
  • Directory integration
  • Scalability
  • Compliance features
  • Cost model