
Term · 1. Core IAM

Identity Provider (IdP)

IDM/IGA Domain

Definition

System that authenticates users and issues identity assertions (SAML responses, OIDC ID tokens) to relying parties. Central component of federated SSO: users log in once at the IdP and then access multiple applications without re-authenticating, because each application trusts the IdP's assertion instead of verifying credentials itself. Enterprise IdPs: Microsoft Entra, Okta, Ping, ForgeRock. Consumer IdPs: Google, Apple, Microsoft, Facebook.

Application
MidPoint: System that provides identity-related information to applications (known in this context as "relying party" or "service provider").
Standards & regulations
  • NIST SP 800-63C «This document, SP 800-63C, provides requirements to **identity providers (IdPs)** and relying parties (RPs) of federated identity systems.»
  • SAML V2.0 Technical Overview (OASIS SSTC Working Draft) «An **Identity Provider (IdP)** is a special type of authentication authority that **creates, maintains, and manages identity information for principals and can provide assertions to service providers**»
  • OASIS Identity Provider Discovery Service Protocol and Profile (SAML-idp-discovery) «…a centralized discovery service implemented independently of a given service provider can provide a requesting service provider with the **unique identifier of an identity provider that can authentic**»
  • OpenID Connect Core 1.0 «An OpenID Connect **Provider (OP) is an OAuth 2.0 Authorization Server that is capable of Authenticating the End-User and providing Claims to a Relying Party** about the Authentication event and the E»