Book Image

Cloud Identity Patterns and Strategies

By : Giuseppe Di Federico, Fabrizio Barcaroli
5 (1)
Book Image

Cloud Identity Patterns and Strategies

5 (1)
By: Giuseppe Di Federico, Fabrizio Barcaroli

Overview of this book

Identity is paramount for every architecture design, making it crucial for enterprise and solutions architects to understand the benefits and pitfalls of implementing identity patterns. However, information on cloud identity patterns is generally scattered across different sources and rarely approached from an architect’s perspective, and this is what Cloud Identity Patterns and Strategies aims to solve, empowering solutions architects to take an active part in implementing identity solutions. Throughout this book, you’ll cover various theoretical topics along with practical examples that follow the implementation of a standard de facto identity provider (IdP) in an enterprise, such as Azure Active Directory. As you progress through the chapters, you’ll explore the different factors that contribute to an enterprise's current status quo around identities and harness modern authentication approaches to meet specific requirements of an enterprise. You’ll also be able to make sense of how modern application designs are impacted by the company’s choices and move on to recognize how a healthy organization tackles identity and critical tasks that the development teams pivot on. By the end of this book, you’ll be able to breeze through creating portable, robust, and reliable applications that can interact with each other.

Related Content you might be interested in

Current Title:

Small book image
Cloud Identity Patterns and Strategies
Giuseppe Di Federico | Fabrizio Barcaroli
Dec, 2022 | 258 pages
Small book image
Azure Active Directory for Secure Application Development
Sjoukje Zaal
May, 2022 | 268 pages
Small book image
Implementing Multifactor Authentication
Marco Fanti
Jun, 2023 | 550 pages
Small book image
Keycloak - Identity and Access Management for Modern Applications
Stian Thorgersen | Pedro Igor Silva
Jul, 2023 | 350 pages
Table of Contents (15 chapters)
Preface
Preface
Who this book is for
What this book covers
Download the color images
Conventions used
Get in touch
Share Your Thoughts
Download a free PDF copy of this book
1
Part 1: Impact of Digital Transformation
Part 1: Impact of Digital Transformation
Free Chapter
2
Walkthrough of Digital Identity in the Enterprise
Walkthrough of Digital Identity in the Enterprise
Digital transformation – the impact on the market
Why an enterprise identity strategy?
The impact of identities on the UX
Digital identities – the duties of an enterprise
The challenges when defining an identity strategy
Single sign-on (SSO)
LDAP and Kerberos
Federation of identities
WS-Federation
Security Assertion Markup Language (SAML)
Summary
3
The Cloud Era and Identity
The Cloud Era and Identity
The cloud era
Identity in the cloud era
The challenges of identity
The cloud identity
A hybrid identity
The future of identity
Summary
4
Part 2: OAuth Implementation and Patterns
Part 2: OAuth Implementation and Patterns
5
OAuth 2.0 and OIDC
OAuth 2.0 and OIDC
OAuth and OIDC basic concepts
How OAuth and OIDC work together
How the protocols are implemented in the real world
Technical background
Summary
6
Authentication Flows
Authentication Flows
The authorization code grant flow
The authorization code grant flow with PKCE
The implicit grant flow
The client credentials grant flow
The ROPC grant flow
The OBO flow
Hybrid flows
Summary
7
Exploring Identity Patterns
Exploring Identity Patterns
Understanding the basic terminology
Web applications
Native applications
SPAs
Summary
8
Part 3: Real-World Scenarios
Part 3: Real-World Scenarios
9
Trends in API Authentication
Trends in API Authentication
The complexity of defining standard guidance
The vertical API approach
API landscape complexity
The application frontend API flow
The application automation API
The multiple IdP dilemma
Defining enterprise standards for identity
The service mesh and identity management
Authentication implications in a service mesh
Common antipatterns
Summary
10
Identity Providers in the Real World
Identity Providers in the Real World
The technical aspects
The non-technical aspects
Azure Active Directory (AAD)
Azure Active Directory Domain Services (AD DS)
Azure Active Directory B2C (AD B2C)
Active Directory Federation Services (AD FS)
Customer Identity from SAP Customer Data Cloud
Okta (Auth0)
Summary
11
Real-World Identity Provider – A Zoom-In on Azure Active Directory
Real-World Identity Provider – A Zoom-In on Azure Active Directory
An overview of AAD
AAD basics
Supported authentication protocols
Registering and configuring applications
Additional features
Summary
12
Exploring Real-World Scenarios
Exploring Real-World Scenarios
The identity features within an enterprise in the real world
The implications of the company’s structure
Frontend authentication challenges in the real world
Backend authentication challenges in the real world
Authentication challenges for microservices integration
Summary
13
Index
Index
Why subscribe?
14
Other Books You May Enjoy
Other Books You May Enjoy
Packt is searching for authors like you
Share your thoughts
Download a free PDF copy of this book

API landscape complexity

To fully understand the complexity of API proliferation and the related OAuth implications, let’s start to enumerate what kind of API we can encounter today in an enterprise landscape.

The following table summarizes the most common use cases for APIs in an enterprise landscape:

...

API

Description

Example

Application frontend API

An HTTP endpoint that belongs to the application and is designed to be consumed by the application’s user

Single-Page Application (SPA)

Application automation API

A publicly exposed HTTP endpoint that belongs to the application and is designed to be consumed by an automation service in a controlled way

Automatic processes need to query the application
Previous Section
End of Section 4
Next Section