What is Federation? - Intro to Identity Series

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

Shh hello Daniel and I'm Alan and we are you talk to you about single sign-on in Federation we've done a bunch of basic identity videos so far to just tell you the basics tell you kind of how the world of identity works so so far we've talked about authentication advanced authentication now we're talking about single sign-on what's the difference between single sign-on and authentication I thought they were the same thing basically our authentication is what we have to do to determine who you are single sign-on is the result you get from that so you sign on once and that single sign-on gives you access to all of the applications that you might access yeah I get it so when we're talking about authentication I could be accessing this app and it pops up a sign on and this happened pops out the sign on and this happen to pop the sign on and it's authenticating me but in that case I'm not getting a one-time experience where I log in once and it is you can access all my apps right that's pretty cool okay so that's great I own all these apps this is my enterprise and I can credit create single sign-on across it and I get that efficiency but sometimes my enterprise also speaks to partner apps right absolutely so we actually use that here right so you've noticed you'd come into four dropped you sign-on you've got access to all of our apps have you Salesforce recently I haven't have you noticed you don't have to log in I have so that is what we call Federation okay and essentially what we're doing is we're taking the four drop identity you signed on so we know who you are yeah and we're having that at any system talk to Salesforce yeah and it's telling them who you are okay so is that is that a standard yes okay so Salesforce adheres to an identity standard called sam'l to we adhere to that so utilizing the standard protocol we're able to tell Salesforce this is Daniel you don't have to worry about checking I've already checked and I know who it is you can give him access to that material basically it's kind of standards-based single sign-on absolutely across organizations okay that's cool so but when I do that is it taking my credentials my ID and password and passing that no that's what it's not telling Salesforce how I determined who you are it's telling you who you are so it's when we were taking remember when we said authentication takes a real-world person and maps that to a particular set of attributes in the identity storm yes Federation takes one or more of those attributes and sends them to Salesforce that says the user that you know as Daniel at 4.com this is him okay so some kind of trusted relationship but it can protect my anonymity absolutely share Who I am to get access to that service and it looks like here there's a lot of standards for doing Federation there are what are some of them here so 7/2 is a is a fairly mature one you'll find that a lot in federal government and actually governments worldwide and that using sound to open ID Connect is a much newer protocol it's probably about three years old now and it was designed to be much more lightweight than Sanergy sound to is very security-conscious it's xml based and it's got a lot of security aspects around it those two is another fairly simple protocol actually open ID connectors based on those two you will see that being used a lot with rest based systems and things like that Shiva this is an interesting one because Shibboleth is basically sama to the chip as their user in the education world yeah so it's a it's another side to implementation and you find them locked in different universities so the basic gist is if I hear any of these key words these standards I should know that it's associated with Federation averages and Rouge space single sign-on which helps me not only have single sign-on in my enterprise but also with partner services as well across driving enterprises and so maybe just to wrap this one up in terms of other you used Salesforce which is kind of a very employee centric scenario but are there what other scenarios are there for Federation Google X workday then this Expensify Expensify what about like our governments governments use it all over the place in fact the US government uses sam'l for pretty much everything that they do even between agencies you won't get all these agencies to have standards bases that I'm able to communicate thanks can use it for giants utilizer check imaging services absolutely okay that's helpful well thank you Alan that gives me a good sense of what Federation is

Info

Channel: ForgeRock

Views: 66,626

Rating: 4.8969555 out of 5

Keywords: forgerock, identity management, access management, digital identity, customer identity management, customer identity

Id: BFkFRnayIYY

Channel Id: undefined

Length: 5min 12sec (312 seconds)

Published: Mon Oct 17 2016