Identity, Authentication, and Authorization Standards
Overview
The IUDX-Novo platform implements standards-based identity and access management mechanisms to ensure secure, interoperable, and auditable access control across all services.
By adopting widely accepted open standards, the platform enables seamless integration with external systems while maintaining strong security guarantees.
Standards and Technologies Used
The following standards and technologies are used for identity, authentication, and authorization:
Identity Provider: Keycloak
Authentication Protocol: OpenID Connect (OIDC)
Authorization Framework: OAuth 2.0
Access Tokens: JSON Web Tokens (JWT)
Identity Management
Keycloak serves as the centralized Identity and Access Management (IAM) system for the platform.
Keycloak provides:
User and client authentication
Token issuance and validation
Identity federation with external identity providers
Role and attribute-based access management
This centralized approach simplifies identity governance and enhances security.
Authentication and Authorization
OpenID Connect (OIDC) is used for authentication, enabling secure and standardized identity verification.
OAuth 2.0 is used as the authorization framework to control access to protected resources.
JSON Web Tokens (JWTs) issued by Keycloak are used by platform services to:
Validate client identity
Enforce authorization and access-control policies
Propagate identity and permissions across microservices
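The checks a service would run on a bearer token before applying the uses listed above, as an added example (not IUDX-Novo or Keycloak code): pin the algorithm, verify the signature, check issuer, audience and expiry, then read Keycloak's realm_access.roles claim. HS256 with a shared secret is swapped in so the example runs on the standard library alone; a service verifying asymmetrically signed tokens would check the signature against the realm's published public keys instead. The issuer URL, audience, secret and role names are constructed assumptions.

```python
import base64, hashlib, hmac, json, time

# Constructed values for this example (assumptions, not IUDX-Novo configuration).
ISSUER = "https://keycloak.example.org/realms/demo"
AUDIENCE = "resource-server"
KEY = b"constructed-demo-secret"

def b64url_decode(part):
    return base64.urlsafe_b64decode(part + "=" * (-len(part) % 4))

def b64url_encode(raw):
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def make_token(claims, alg="HS256", key=KEY):
    """Build a constructed sample token (stands in for the identity provider)."""
    head = b64url_encode(json.dumps({"alg": alg, "typ": "JWT"}).encode())
    body = b64url_encode(json.dumps(claims).encode())
    sig = hmac.new(key, f"{head}.{body}".encode(), hashlib.sha256).digest()
    return f"{head}.{body}.{b64url_encode(sig)}"

def authorize(token, required_role, now=None):
    """Return (allowed, reason) for a bearer token presented to a service."""
    now = time.time() if now is None else now
    try:
        head, body, sig = token.split(".")
        header = json.loads(b64url_decode(head))
        claims = json.loads(b64url_decode(body))
        signature = b64url_decode(sig)
        if not (isinstance(header, dict) and isinstance(claims, dict)):
            raise ValueError("header and payload must be JSON objects")
    except (ValueError, TypeError):
        return False, "malformed token"
    # Pin the algorithm: never let the token header choose how it is verified.
    if header.get("alg") != "HS256":
        return False, "unexpected algorithm"
    expected = hmac.new(KEY, f"{head}.{body}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(signature, expected):
        return False, "bad signature"
    if claims.get("iss") != ISSUER:
        return False, "wrong issuer"
    aud = claims.get("aud")
    if AUDIENCE not in (aud if isinstance(aud, list) else [aud]):
        return False, "wrong audience"
    if not isinstance(claims.get("exp"), (int, float)) or claims["exp"] <= now:
        return False, "expired"
    # Keycloak places realm roles under realm_access.roles.
    roles = (claims.get("realm_access") or {}).get("roles", [])
    if required_role not in roles:
        return False, "missing role"
    return True, "ok"
```

Returning a reason string alongside the decision gives each denial a distinct value that can be logged for audit.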
Benefits of Standards-Based IAM
This standards-based identity and access management approach enables:
Federated identity management across organizations and systems
Secure token-based access across distributed microservices
Integration with external identity providers and directories
Fine-grained authorization and comprehensive auditability
Role in the Platform
Secures access to all platform APIs and services
Enables scalable, interoperable identity integration
Supports governance, compliance, and auditing requirements

