OpenID Connect federations

The Federation module supports OpenID Connect (OIDC) Provider federations and OIDC Relying Party federations.

ISAM supports the OAuth 2.0 protocol, including OIDC. The OIDC protocol is an extension of the OAuth protocol to better support identity and authentication. To understand how OIDC extends OAuth, and to understand OIDC Provider federations and Relying Party federations, see:

• OAuth 2.0 and OIDC support
• OpenID Connect concepts
• OAuth 2.0 and OIDC workflows

Versions ISAM prior to 9.0.4 configured OIDC federations through a federation wizard. Security Verify Access 9.0.4 now configures OIDC Providers through an API Protection interface. Relying Party federations use a new federation wizard that is enhanced to support new capabilities.

Existing deployments ISAM OIDC federations are fully supported as legacy federations.

For configuration, use the instructions that apply to your deployment:

• For new OIDC Providers, see OpenID Connect Provider federations.
• For new OIDC Relying Party federations, see OpenID Connect Relying Party federations.
• For existing (prior to ISAM 9.0.4) OIDC Provider federations and Relying Party federations, see Legacy support for OpenID Connect federations.

• OpenID Connect Provider federations
  We now configure support for an OpenID Connect Provider using the API Protection user interface panel.
• OpenID Connect Relying Party federations
  ISAM supports OpenID Connect Relying Party federations.
• Conformance
  ISAM supports FAPI conformance and OpenID Connect Discovery conformance.

Parent topic: Federation configuration