Book Image

Cloud Identity Patterns and Strategies

By : Giuseppe Di Federico, Fabrizio Barcaroli
5 (1)
Book Image

Cloud Identity Patterns and Strategies

5 (1)
By: Giuseppe Di Federico, Fabrizio Barcaroli

Overview of this book

Identity is paramount for every architecture design, making it crucial for enterprise and solutions architects to understand the benefits and pitfalls of implementing identity patterns. However, information on cloud identity patterns is generally scattered across different sources and rarely approached from an architect’s perspective, and this is what Cloud Identity Patterns and Strategies aims to solve, empowering solutions architects to take an active part in implementing identity solutions. Throughout this book, you’ll cover various theoretical topics along with practical examples that follow the implementation of a standard de facto identity provider (IdP) in an enterprise, such as Azure Active Directory. As you progress through the chapters, you’ll explore the different factors that contribute to an enterprise's current status quo around identities and harness modern authentication approaches to meet specific requirements of an enterprise. You’ll also be able to make sense of how modern application designs are impacted by the company’s choices and move on to recognize how a healthy organization tackles identity and critical tasks that the development teams pivot on. By the end of this book, you’ll be able to breeze through creating portable, robust, and reliable applications that can interact with each other.
Table of Contents (15 chapters)
Part 1: Impact of Digital Transformation
Part 2: OAuth Implementation and Patterns
Part 3: Real-World Scenarios


In this chapter, we’ve seen how OAuth 2.0/OIDC concepts are implemented in a real identity provider, AAD. We’ve seen how all the different parts of the protocols can be configured in AAD, including redirect URIs, secrets, flows, and tokens. The purpose of this chapter was to give an overview of how a commercial identity provider, at the end of the day, effectively implements a standard authentication protocol so that you can easily navigate the same concepts in other identity providers too.

In the next chapter, we are going to focus on real-world scenarios, starting with a holistic view of the identity challenges a company needs to deal with, going through the many implications the identity strategy has within a company, and going in depth to see the anatomy of a cloud-born application.

Figure 8.12 – AAD protocol endpoints

Enterprise applications

When an application is registered (defined) in the App registrations...