Managed identities are cloud-based identities offered in a SaaS model, where you delegate all identity management, including credential storage, security and many other related aspects, to a cloud provider. Cognito from AWS and Active Directory (AAD and AAD B2C) from Azure are the prominent offerings, followed by Auth0.
Security is the biggest risk of the connected world. Once a site is compromised, attackers try to capture user data, including personal private data and passwords, and attempt to gain privileged access to the site. Moving the core security part (identity) out of the application itself removes a lot of surface area that is open to attack. It also moves your application to a more connected and standardized approach, since this opens up a whole world of Single Sign-On.
In this series of articles we shall discuss and work with cloud identities in general, along with hands-on labs and bootstrap code to start with. However, standardization is not always easy, and at times it needs bits and pieces plugged in for a more seamless end-to-end experience. For instance, the OpenID Connect implementation provided by AWS Cognito does not have a default logout URL, so it needs to be "sort of" patched. And believe me, that eats up a considerable amount of time.
The purpose of these demos is to figure out all such things and give you a working set of code.
Identity samples include the following platforms:
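The Cognito logout gap mentioned above can be handled by checking the provider's discovery metadata and falling back to the Cognito hosted UI `/logout` endpoint. This is an added example, not code from the samples repository; the function names, the sample metadata and the `auth.example.com` / `app.example` hosts are constructed placeholders, and the https-only check is an assumption of this sketch.

```python
from urllib.parse import urlencode, urlsplit


def _https_origin(url):
    """Return the https origin of url, rejecting anything that is not absolute https."""
    parts = urlsplit(url)
    if parts.scheme != "https" or not parts.netloc:
        raise ValueError(f"not an absolute https URL: {url!r}")
    return f"https://{parts.netloc}"


def signout_url(metadata, client_id, return_url, hosted_ui_domain=None, id_token=None):
    """Build the URL the browser is sent to so the provider session also ends."""
    # return_url must come from configuration, never from request input, and
    # must be registered as an allowed sign-out URL on the Cognito app client.
    _https_origin(return_url)

    endpoint = metadata.get("end_session_endpoint")
    if endpoint:
        # Standard OIDC RP-initiated logout, when the provider advertises it.
        _https_origin(endpoint)
        params = {"client_id": client_id, "post_logout_redirect_uri": return_url}
        if id_token:
            params["id_token_hint"] = id_token
        return f"{endpoint}?{urlencode(params)}"

    if not hosted_ui_domain:
        raise ValueError("no end_session_endpoint and no hosted UI domain configured")

    # Fallback: the Cognito hosted UI logout endpoint takes client_id and logout_uri.
    base = _https_origin(f"https://{hosted_ui_domain}")
    query = urlencode({"client_id": client_id, "logout_uri": return_url})
    return f"{base}/logout?{query}"


# Constructed discovery document with no end_session_endpoint entry.
SAMPLE_METADATA = {
    "issuer": "https://idp.example/pool",
    "authorization_endpoint": "https://auth.example.com/oauth2/authorize",
    "token_endpoint": "https://auth.example.com/oauth2/token",
}

if __name__ == "__main__":
    print(signout_url(SAMPLE_METADATA, "client123", "https://app.example/signed-out",
                      hosted_ui_domain="auth.example.com"))
```

Clearing only the application's own cookie leaves the hosted UI session alive, so the next sign-in silently logs the same user back in; redirecting through this URL closes that gap.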
- AWS Cognito (completed)
- Azure AD (Azure Active Directory & Azure Active Directory B2C)
Here is the video explaining the concepts. Apologies for the bad audio, but you should get the feel 🙂
Source code and samples are available at: https://github.com/letsdocoding/cloud-identity-samples