An identity provider (abbreviated IdP or IDP) is a system entity that creates, maintains, and manages identity information for principals and also provides authentication services to relying applications within a federation or distributed network.[1]

In practice, the term identity provider is often used as shorthand for a number of related concepts or entities in the federated identity management environment found in research and education federations such as the InCommon Federation:

Identity Provider in SAML

A SAML identity provider is a system entity that issues authentication assertions in conjunction with a single sign-on (SSO) profile of the Security Assertion Markup Language (SAML).[2]

Identity Provider in Shibboleth

A Shibboleth identity provider is one of the products developed and maintained by the Shibboleth Consortium.[3] It performs the function of a SAML identity provider and is widely adopted in the research and education community in the United States and globally.

Identity Provider in eduroam

See eduroam FAQ.

Identity Provider in the InCommon Federation

When used in the context of the InCommon Federation, an identity provider specifically refers to a SAML identity provider registered by an InCommon participant and published in the InCommon metadata. 

Identity Provider as an Organization

An identity provider operator (frequently abbreviated identity provider or IdP) is an organization that operates an identity provider in a federated single sign-on environment.

Within InCommon, a participant that primarily participates as an identity provider operator (typically a higher education institution) is frequently referred to as an identity provider in casual conversation.

References

  1. Identity provider from Wikipedia.
  2. Identity provider (SAML) from Wikipedia.
  3. Identity provider from Shibboleth Consortium.