Types of Identity |
|
Digital identity or identity is a claim made by users to uniquely identify themselves. For example, name, employee ID, and so on. This digital identity is a combination of identification and credentials. For example, user name and password. To confirm the identity of the user, authentication takes place. During the process of authentication, users must provide the correct credentials to identify themselves. This guarantees that users are in fact who they claim they are. From that moment on, a computer system can recognize user's identity. The applications (service containers or other software) on Process Platform must use one of the following identity types.
Table 1. Identity Types in Process Platform
Identity type |
Implementation |
|---|---|
Anonymous |
The client sends a SOAP message without any statement about identity. These SOAP messages are mapped to an anonymous user. Within Process Platform, the anonymous user is represented by the authenticated user named 'anonymous', so that ACLs can be applied to this user. For more information, refer to Anonymous User. |
Process Platform |
The client encapsulates the user credentials directly in the SOAP request. For more information, refer to Process Platform Identity. |
WS-Security SAML token |
The client provides a trusted statement on the identity of the user in the SOAP request. This statement can be acquired by authenticating with the Single Sign-On service. The reply from the Single Sign-On service contains a statement that will be trusted by the services that receive a message with that statement included. For more information, refer to WS-Security SAML Token and Managing SAML Trust. |
WS-Security User name token |
The client provides a user name token stating the identity information of the user in the SOAP header. For more information, refer to WS-Security User name Token. |
When there are no identity types present in the SOAP request, a SOAP message is seen as anonymous.
*Restriction*You cannot use multiple identities in the SOAP header, as this is not supported in Process Platform.