Overview#

A Identity Provider (IDP) is a trusted Authentication provider.

Identity Provider (IDP) may be referred to as a Credential Service Provider (CSP)

An Identity Provider (IDP) often allows a user, either Enterprise or Consumer, to use a single credential or profile to access a range of different services.

Companies such as Facebook or Google are examples of large-scale consumer Identity Provider (IDP).

The FIDO protocols are complementary to the Identity/Federation efforts.

Alternative Names for Identity Provider (IDP)#

There are many different names used which represent the Identity Provider (IDP):

• Identity Service Provider
• Identity Assertion Provider
• OpenID Connect Provider (OP)

Services using Identity Provider (IDP)#

Some service that use Identity Provider (IDP)

• SAML V2.0
• OAuth 2.0
• OpenID Connect
• User-Managed Access
• Identity Broker

OpenID Connect (and OAuth is an important protocol for Identity Provider (IDP) services as most major web services are also identity providers, mainly through the use of OAuth 2.0.

More Information#

There might be more information for this subject on one of the following:

• API-Gateway
• Access Proxy
• Account termination
• Accreditation Authority
• Acr_values
• Administrative Identity
• Anonymous Identity
• Auth 2.0 Resource Set Registration
• Authentication
• Authentication Agent
• Authentication Context Class
• Authentication Context Class Values
• Authentication Method
• Authenticator Assurance Levels
• Authorization Server
• Biometric Sample Processing
• Certificate
• Circle of Trust
• Claim
• Claim_types_supported
• Claimant
• Claims_parameter_supported
• Claims_supported
• Closed-Loop Authentication
• Common Domain for Identity Provider Discovery
• Context Based Access Control
• Cool Identity Token Uses
• Covert Redirect Vulnerability
• Credential Holder
• Credential Revocation
• Credential Service Provider
• Data Provenance
• Digital Identity
• Digital Identity Acceptance Policy
• Display_values_supported
• FAL 1
• FAL 2
• FAL 3
• Federated Identity
• Federation
• Federation Assurance Level
• Federation Models
• Glossary Of LDAP And Directory Terminology
• Gluu Server
• Grant_types_supported
• Holder
• IDP
• IDP Metadata
• IDP-Initiated SSO-POST
• Id_token_encryption_alg_values_supported
• Id_token_encryption_enc_values_supported
• Id_token_signing_alg_values_supported
• Identification
• Identity Assurance
• Identity Broker
• Identity Custodian
• Identity Ecosystem Framework
• Identity Relationship Framework
• Identity Token
• Identity Toolkit ID Token
• Issuer
• JWK Set
• Jwks_uri
• Kerberos
• Law of Pluralism of Operators and Technologies
• Legitimacy of Social Login
• Level Of Assurance
• Level of Identity Proofing
• Logging Out
• Login_hint
• Login_hint_token
• Logout Mechanism
• Multi-Source Identity
• NIST.IR 7817
• National Strategy for Trusted Identities in Cyberspace
• OAuth 2.0 Client Registration
• OAuth 2.0 Mix-Up Attack
• OAuth 2.0 Vulnerabilities
• OAuth 2.0 for Native Apps
• OAuth and OIDC Adoption
• Op_policy_uri
• Op_tos_uri
• Open-Loop Authentication
• OpenAM Endpoints
• OpenID
• OpenID Connect
• OpenID Connect Discovery
• OpenID Connect Front-Channel Logout
• OpenID Connect Provider
• OpenID Connect Session Management
• OpenID Provider Authentication Policy Extension
• OpenID.Registration
• Openid-configuration
• Organizational Attributes
• Pairwise Pseudonymous Identifier
• Password Quality
• Passwordless SMS Authentication
• Privacy And Security Conflicts
• Privacy Considerations
• PrivacyLens
• Provider Configuration URI
• Provider of services
• Registration_not_supported
• Relying Party
• Request_not_supported
• Request_object_encryption_alg_values_supported
• Request_object_encryption_enc_values_supported
• Request_object_signing_alg_values_supported
• Request_parameter_supported
• Request_uri_not_supported
• Require_request_uri_registration
• Response_modes_supported
• Response_types_supported
• SAML
• SAML Authentication Statement
• SAML Protocols
• SAML V2.0
• SCIM Service Provider Configuration Endpoints
• SP-Initiated SSO-POST-POST
• Security Token Service
• Service Provider
• Service_documentation
• Single Logout
• Single Logout Profile
• Single Sign-On Scenarios
• Social Identity Provider
• Social Login
• Social Websites
• Subject_types_supported
• The Seven Laws Of Identity
• Third-party Identity Provider
• Token Binding over HTTP
• Trust Model
• U-Prove
• Vectors of Trust
• Verifiable Claims
• W3C Decentralized Identifiers
• Web Blog_blogentry_060815_1
• Web Blog_blogentry_170617_1
• Web Blog_blogentry_180216_1
• Web Blog_blogentry_230717_1
• Web Blog_blogentry_231015_1
• Why Access Tokens
• Why OAuth 2.0
• Why OpenID Connect