iSHARE Developer Portal
Version 2.1 (current version)

Copyright © 2024 iSHARE Foundation


Getting started


Last updated 2 months ago

The Identity Provider role is fulfilled by a legal entity whose tooling identifies and authenticates entities (humans or machines). An Identity Provider:

  • Provides identifiers for humans;

  • Issues credentials (i.e. a password or electronic keycard) to humans;

  • Identifies humans to Service Providers based on this information;

  • Holds information on authorisations of humans representing a Service Consumer, i.e. information indicating which humans are authorised to act on a Service Consumer's behalf;

  • Can check whether a human representing a legal entity is authorised to receive the service;

  • Can confirm this authorisation to the Service Provider.

As a result, Service Providers can outsource the identification and authentication of humans, as well as tasks related to managing the authorisations and delegation information of humans, to an Identity Provider instead of implementing their own tooling.

To double-check that the required endpoints are implemented, use the following list as a cheat sheet:

Identity Provider

  • Access Token (M2M)
  • Capabilities
  • Authorize
  • Login
  • Access Token (H2M)
  • User Info