The SLAC IAM Program will leverage the following technology:

• Stanford’s deployment of Shibboleth for WebSSO which uses standard protocol SAML2
• InCommon Federation entity using Shibboleth IdP of Stanford University
• Trusted Access Platform components comprising:
  • Grouper - for group, role, privilege services
  • midPoint - for Person and Device Registry services
  • COManage - for virtual organization and federated user on-boarding
• Microsoft Azure - all major IAM subsystems will be deployed as containerized workloads and version-controlled as a code pipeline.
• Open ID Connect (OIDC) - many consumer, newer business-oriented applications, and a growing number of analytical software packages have begun to support OIDC.