The SLAC IAM Program will leverage the following technology:

  • Stanford’s deployment of Shibboleth for WebSSO which uses standard protocol SAML2
  • InCommon Federation entity using Shibboleth IdP of Stanford University
  • Trusted Access Platform components comprising:
    • Grouper - for group, role, privilege services
    • midPoint - for Person and Device Registry services
    • COManage - for virtual organization and federated user on-boarding
  • Microsoft Azure - all major IAM subsystems will be deployed as containerized workloads and version-controlled as a code pipeline.
  • Open ID Connect (OIDC) - many consumer, newer business-oriented applications, and a growing number of analytical software packages have begun to support OIDC.