---
## Authentication and Authorization Service Update
6/3/2019
---
#### Alpha core components
- SSO server
- Users portal
- Application portal
- Service data model (REST API)
---
#### Users Portal: [cern.ch/users-portal](https://cern.ch/users-portal)
<video src="https://espace.cern.ch/authorization-service/SiteAssets/Users_Portal.mp4" controls="controls" style="width:600px;"></video>
---
#### Applications Portal: [cern.ch/application-portal](https://cern.ch/application-portal)
<video src="https://espace.cern.ch/authorization-service/SiteAssets/App_Portal.mp4" controls="controls" style="width:600px;"></video>
---
#### [Attribute Viewer application](https://oidc-attribute-viewer.cern.ch)
<video src="https://espace.cern.ch/authorization-service/SiteAssets/Attr_Viewer.mp4" controls="controls" style="width:600px;"></video>
---
#### eduGAIN Integration
<video src="https://espace.cern.ch/authorization-service/SiteAssets/eduGAIN_Login.mp4" controls="controls" style="width:600px;"></video>
---
#### FreeIPA
- New fellow started in March
- Important progress on hosts registration workflow
- Thanks to Julien & Thomas
- See [MAlt IAM: FreeIPA Functional Design](https://codimd.web.cern.ch/s/BkpLBppXE)
- FreeIPA can replace Active Directory
---
#### Alpha testing
- **Joni Herttuainen**, API to access RBAC through SSO: SAML
- **Axel Naumann & Oksana Shadura**, Root: OAuth2, GitHub
- **Manuel Alvarez Alvarez**, FAP-BC: Oauth2 for mobile applications
- **Luis Rodriguez Fernandez**, IT-DB: SAML
- **Anthony Raanui Baschenis**: Java-based client
- **Ricardo Rocha**: OAuth2
- **Eduardo Alvarez Fernandez & Sebastian Bukowiec**, IT-CDA: OAuth2
---
### What's next
- Setup an initial synchronization mechanism for users and (some) groups
- Alpha testing with real applications
- Groups functionality in the new data model
- Collaboration with AIS for knowledge transfer and dynamic functionality
- Define token format and policies
---
# Questi<i class="fa fa-question-circle " aria-hidden="true"></i>ns
---
{"title":"Authentication and Authorization Service update","type":"slide","slideOptions":{"theme":"cern3","transition":"slide"}}