External Authentication

Summary

How can users be authenticated using an external identity to enable them to gain access to data they have been authorised to view?

Problem

There are a number of users who have identities we do not control, for example Google, Twitter, Facebook or Microsoft Active Directory identities. These users need to be authenticated before they are granted access to data, so we can apply the correct authorisation policies. These users want to use their current identities, they do not want us to provide a second identity to authenticate them.

Patterns

  • External Identity Provider

  • Active Directory Federation

External Identity Provider

Active Directory Federation