The SLAC IAM Program will leverage the following technology:
- Stanford’s deployment of Shibboleth for WebSSO which uses standard protocol SAML2
- InCommon Federation entity using Shibboleth IdP of Stanford University
- Trusted Access Platform components comprising:
- Grouper - for group, role, privilege services
- midPoint - for Person and Device Registry services
- COManage - for virtual organization and federated user on-boarding
- Microsoft Azure - all major IAM subsystems will be deployed as containerized workloads and version-controlled as a code pipeline.
- Open ID Connect (OIDC) - many consumer, newer business-oriented applications, and a growing number of analytical software packages have begun to support OIDC.