How to Choose a NIEF Identity Provider Product
Latest revision as of 17:54, 22 January 2019
This article lists the requirements for products that may be considered for a NIEF Identity Provider (IDP). It also briefly describes the IDP products for which NIEF implementers currently have some amount of knowledge and implementation experience.
As you work through the process of choosing an IDP product, consider which product best meets your organization's needs, and keep in mind that the best product for you may not necessarily be included in this document. For those organizations that have an existing enterprise identity management platform, the best choice may be to implement a NIEF IDP via that existing platform, especially if the existing identity management platform conforms to the NIEF IDP technical requirements (listed below).
An IDP authenticates an end user and, in a trusted fashion, provides a SAML assertion for that user to a Service Provider (SP). When a user attempts to access an SP, the user's IDP collects local attribute information about the user and uses it to generate a SAML assertion for the user.
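A NIEF IDP must meet the minimum requirements expressed in the NIEF Minimum Interoperability TIP for SAML IDP (https://artifacts.trustmarkinitiative.org/lib/trust-interoperability-profiles/nief-minimum-interoperability-tip-for-saml-idp/1.0/).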
The following is a non-exhaustive list of products that provide SAML-based identity provider capabilities. You should evaluate these and other products to determine which best meet your needs within your budget.
- Shibboleth IDP
- Ping Identity PingFederate IDP
- CA Federation Manager IDP
- Microsoft ADFS 3.0
- SimpleSAML PHP