Identity provider vs authentication provider

736 Views Asked by At

What is the difference between an identity provider and an authentication provider? This is specifically for System Security Services Daemon(SSSD) in Redhat 6/7. I assume the identity provider is like Google or Facebook providing logins to 3rd party website but I'm not sure what an authentication provider does?

1

There are 1 best solutions below

0
On

The Identity Provider specifies the details of the identity back end to use for the "Security" domain.

The id_provider parameter specifies the type of provider. The common ones are:

  • ldap
  • ipa (Identity Management in Red Hat Enterprise Linux)
  • ad (Microsoft Active Directory)
  • proxy, for a legacy NSS provider, such as nss_nis. Using a proxy ID provider also requires specifying the legacy NSS library to load to start successfully, set in the proxy_lib_name option.
  • local, the SSSD internal local provider

The Authentication Provider directive specifies the authentication provider used for the domain. If NOT specified, the iIdentity Provider is used. Supported authentication providers are:

  • ldap: Native LDAP authentication
  • krb5: Kerberos authentication
  • proxy: Relays authentication to some other PAM target
  • none: Disables authentication explicitly

The best references for SSSD are https://sssd.io/, https://access.redhat.com/ and of course Google.