Cloud Identity Patterns and Strategies: Design enterprise cloud identity models with OAuth 2.0 and Azure Active Directory
- Length: 258 pages
- Edition: 1
- Language: English
- Publisher: Packt Publishing
- Publication Date: 2022-12-23
- ISBN-10: 1801810842
- ISBN-13: 9781801810845
- Sales Rank: #3412659
Get to grips with identity patterns and design a structured enterprise identity model for cloud applications
Key Features
- Learn all you need to know about different identity patterns and implementing them in real-world scenarios
- Handle multi-IDP-related common situations no matter how big your organization
- Gain practical insights into OAuth implementation patterns and flows
Book Description
Identity is paramount for every architecture design, making it crucial for enterprise and solutions architects to understand the benefits and pitfalls of implementing identity patterns. However, information on cloud identity patterns is generally scattered across different sources and rarely approached from an architect’s perspective, and this is what Cloud Identity Patterns and Strategies aims to solve, empowering solutions architects to take an active part in implementing identity solutions.
Throughout this book, you’ll cover various theoretical topics along with practical examples that follow the implementation of a de facto standard identity provider (IdP) in an enterprise, such as Azure Active Directory. As you progress through the chapters, you’ll explore the different factors that contribute to an enterprise’s current status quo around identities and harness modern authentication approaches to meet specific requirements of an enterprise. You’ll also be able to make sense of how modern application designs are impacted by the company’s choices and move on to recognize how a healthy organization tackles identity and critical tasks that the development teams pivot on.
By the end of this book, you’ll be able to breeze through creating portable, robust, and reliable applications that can interact with each other.
What you will learn
- Understand the evolution of identity in the enterprise
- Discover basic to advanced OAuth patterns and implementations
- Find out how OAuth standards are usually adopted in the enterprise
- Explore proven solutions for modern identity challenges
- Use Azure AD for implementing identity solutions
- Comprehend how company structure and strategies influence design decisions
Who this book is for
This book is for cloud security engineers and identity experts. Enterprise architects, tech leads, developers, and anyone who wants to learn how to use identity patterns and strategies to build identity models for the modern cloud era will find this book useful. This book covers many DevOps and Agile principles; although not a pre-requisite, familiarity with these topics would be helpful.
Cloud Identity Patterns and Strategies
- Contributors: About the authors; About the reviewers
- Preface: Who this book is for; What this book covers; Download the color images; Conventions used; Get in touch; Share Your Thoughts; Download a free PDF copy of this book
Part 1: Impact of Digital Transformation
- Walkthrough of Digital Identity in the Enterprise: Digital transformation – the impact on the market; Why an enterprise identity strategy?; The impact of identities on the UX; Digital identities – the duties of an enterprise; The challenges when defining an identity strategy; Single sign-on (SSO); LDAP and Kerberos; Federation of identities; Federation terminology; Federation example; Cookies and tokens; WS-Federation; WS-Federation Passive Requestor Profile; WS-Federation Active Requestor Profile; Security Assertion Markup Language (SAML); Summary
- The Cloud Era and Identity: The cloud era; Identity in the cloud era; The pillars of a cloud company; The challenges of identity; The cloud identity; A hybrid identity; The future of identity; Summary
Part 2: OAuth Implementation and Patterns
- OAuth 2.0 and OIDC: OAuth and OIDC basic concepts; How OAuth and OIDC work together; How the protocols are implemented in the real world; Technical background; Summary
- Authentication Flows: The authorization code grant flow; The authorization code grant flow with PKCE; The implicit grant flow; The client credentials grant flow; The ROPC grant flow; The OBO flow; Hybrid flows; Summary
- Exploring Identity Patterns: Understanding the basic terminology; Web applications; User authentication only pattern; Additional considerations; Native applications; Application authorization pattern; SPAs; Single-page authentication pattern; Additional considerations; Security considerations; Summary
Part 3: Real-World Scenarios
- Trends in API Authentication: The complexity of defining standard guidance; The vertical API approach; API landscape complexity; The application frontend API flow; The application automation API; The multiple IdP dilemma; Defining enterprise standards for identity; The service mesh and identity management; Authentication implications in a service mesh; Common antipatterns; Summary
- Identity Providers in the Real World: The technical aspects; The non-technical aspects; Azure Active Directory (AAD); Azure Active Directory Domain Services (AD DS); Azure Active Directory B2C (AD B2C); Active Directory Federation Services (AD FS); Customer Identity from SAP Customer Data Cloud; Okta (Auth0); Summary
- Real-World Identity Provider – A Zoom-In on Azure Active Directory: An overview of AAD; AAD basics; Supported authentication protocols; User provisioning; Synchronization from on-premises to AAD; Synchronization from a cloud HR system to AAD; Synchronization from AAD to a cloud application; Synchronization from AAD to an on-premises application or system; Authentication types; MFA; Federated authentication; PTA; PHS; Seamless SSO and Primary Refresh Token (PRT); Passwordless authentication; Registering and configuring applications; App registrations; Authentication; Certificates and secrets; Token configuration; API permissions; Exposing an API; Example of an AAD-issued token; Additional features; Conditional Access; Identity Protection; Privileged Identity Management; External identities; Identity Governance; Verifiable credentials; Microsoft Graph; Summary; Enterprise applications
- Exploring Real-World Scenarios: The identity features within an enterprise in the real world; The implications of the company’s structure; Frontend authentication challenges in the real world; Backend authentication challenges in the real world; Pattern 1 – multiple IDPs; Pattern 2 – a single IdP; Pattern 3 – domain-based registration; Pattern 4 – application-based registration; Authentication challenges for microservices integration; Summary
- Index
- Why subscribe?
- Other Books You May Enjoy: Packt is searching for authors like you; Share your thoughts; Download a free PDF copy of this book
How to download source code?
1. Go to: https://github.com/PacktPublishing
2. In the Find a repository… box, search for the book title: Cloud Identity Patterns and Strategies: Design enterprise cloud identity models with OAuth 2.0 and Azure Active Directory. Sometimes the full title returns no results; in that case, search for the main title only.
3. Click the book title in the search results.
4. Click Code to download.