Identity: What is the purpose?

Hi, while I am setting up a Self-Managed host, I observed that Identity is mandatory for other components like Connectors, Optimize, etc. So I also understood that Identity depends on either Keycloak or an OIDC provider. I have the questions below:

  1. Does Identity provide Single Sign-On (SSO) for human users to log in to all the C8 components?
  2. Does Identity provide OAuth 2.0-based access token authorization to access Zeebe, Tasklist, Operate, etc. from clients? For example, a Spring Boot application will invoke Camunda APIs using the Zeebe Client.

Though I read the documentation, the above questions are not answered by it, as Identity is really integrating with OIDC.

Hi @kvkirankumar - I think the simplest way to think of Identity is that it acts as the glue between an OIDC provider (Keycloak by default, but supports others) and the rest of the Camunda stack.

  1. Yes, exactly; Identity is what enables OIDC support for the other components. SSO would be enabled by your OIDC provider.
  2. Yes, you create your applications/credentials within Identity, and Identity facilitates the OAuth flow for those applications.

Hope that helps!

2 Likes
