フィードを購読する

Red Hat 3scale API Management Platform simplifies the integration between the APIcast gateway and Red Hat Single Sign-On through OpenID Connect (OIDC) for API authentication. Consequently, the new version enables API provider users to select and configure their API authentication process from the admin portal UI. 

OIDC Settings

OpenID Connect (OIDC)

OpenID Connect 1.0 is a simple identity layer on top of the OAuth 2.0 protocol. It allows clients to verify the identity of the end user based on the authentication performed by an authorization server. Clients can also get basic profile information about the end user in an interoperable and REST-like way.

OpenID Connect allows clients of all types, including Web-based, mobile, and JavaScript clients, to request and receive information about authenticated sessions and end users. The specification suite is extensible, allowing participants to use optional features such as encryption of identity data, discovery of OpenID providers, and session management.

See http://openid.net/connect/faq/ for the Frequently Asked Questions about OpenID Connect.

Red Hat Single Sign-On

Red Hat Single Sign-On (RH-SSO) provides Web single sign-on and identity federation based on SAML 2.0, OpenID Connect, and OAuth 2.0 specifications.

In addition, RH-SSO supports the four basic OAuth 2.0 flows:

  • Client credentials
  • Authorization code
  • Implicit grant
  • Resource password owner

More information about RH-SSO can be found on the Red Hat product page.

What’s New in 3scale API Management 2.1

From this version on, API providers will be able to select OpenID Connect (OIDC) as the mechanism of authentication for APIs. They will be able to configure the OIDC integration from the admin portal UI service definition. API providers will also be able to add the OIDC issuer location from the authentication settings. Users can configure this setting per service, so they can set up different providers for each one of their APIs. As a result, API providers can use different security realms from the Identity Provider (IdP) per API provider account.

OpenID Connect

The new version of 3scale API Management adds Zync, a new part that takes care of synchronization between applications and the IdP, simplifying the communication of the different components of your architecture. Also, Zync will dynamically register the client in both systems.

In addition, users can secure the admin portal with RH-SSO. Previously, only the developer portal was able to connect with Red Hat Single Sign-On. Now, users can configure the same IdP for both portals.

Most noteworthy, makes it easier to integrate with other IdPs as long as they’re compliant with OIDC specification. Now adding other IdPs need more custom code for the integration. In future releases, the admin portal UI will offer support to configure them seamlessly.

Finally, Red Hat 3scale API Management 2.1 requires Red Hat Single Sign-On (RH-SSO) 7.1.2 or newer to add the new OpenID Connect integration. As these are the supported solution versions to carry out OAuth 2.0 from end to end.

Red Hat 3scale API Management Platform 2.1 is now available to try on-premise.

Resource Links


執筆者紹介

UI_Icon-Red_Hat-Close-A-Black-RGB

チャンネル別に見る

automation icon

自動化

テクノロジー、チームおよび環境に関する IT 自動化の最新情報

AI icon

AI (人工知能)

お客様が AI ワークロードをどこでも自由に実行することを可能にするプラットフォームについてのアップデート

open hybrid cloud icon

オープン・ハイブリッドクラウド

ハイブリッドクラウドで柔軟に未来を築く方法をご確認ください。

security icon

セキュリティ

環境やテクノロジー全体に及ぶリスクを軽減する方法に関する最新情報

edge icon

エッジコンピューティング

エッジでの運用を単純化するプラットフォームのアップデート

Infrastructure icon

インフラストラクチャ

世界有数のエンタープライズ向け Linux プラットフォームの最新情報

application development icon

アプリケーション

アプリケーションの最も困難な課題に対する Red Hat ソリューションの詳細

Original series icon

オリジナル番組

エンタープライズ向けテクノロジーのメーカーやリーダーによるストーリー