Identity experience framework
摘要
說(shuō)明書(shū)
In an embodiment, the system includes policy portal logic that is configured to provide access for customer entities to a base identity policy of the plurality of identity policies, the customer entities including one or more of at least one application service provider or at least one identity operator. In the embodiment, the policy portal logic is configured to perform one or more of: receive a customer entity base identity policy that includes one or more modifications to the base identity policy from which it derives; or receive a customer entity application identity policy that includes one or more additional modifications to the customer entity base identity policy from which it derives, the one or more additional modifications being related to the application. In the embodiment, the policy portal logic is configured to store received customer entity base identity policies or customer entity application identity policies as a portion of the plurality of identity policies.
In an embodiment of the system, the communicator logic and the policy executor logic comprise a multi-sided identity experience framework configured to support a plurality of remote identity operators, a plurality of remote verification providers, and a plurality of remote application service providers for user authentication to applications.
In an embodiment of the system, the UI is defined by the identity policy that is called by the application and is configured in accordance with one or more verification providers specified by the identity policy.
In an embodiment of the system, the policy executor logic is configured to execute the user authentication process at least in part as a security token service (STS), and to mint the token according to the STS and the token request to include claims required by the application and the identity policy.
