Overview#To address the need for Identity Management or more so Identity Relationship Management, you have to build on a solid base. You need to establish your security infrastructure on protocols and standards that have been peer-reviewed and are seeing market adoption.
For a long time, lack of such standards has been the main impediment for large organizations wanting to adopt RESTful APIs in earnest. This is no longer the case since the advent of the Neo-security Stack:
- Authentication - OpenID Connect - FIDO
- Provisioning - SCIM
- Identity - JSON Identity Suite
- Federation - OpenID Connect / SAML
- Delegated Access - OAuth 2.0 - User-Managed Access
- Authorization - XACML
This protocol suite gives us all the capabilities we need to build a secure API platform using the OAuth 2.0 and OpenID Connect for the base. If you already have a handle on these, learn more about how the other protocols of the Neo-Security Stack fit together.