Solution Concept: SSO for SPA using OAuth2
Web Application Security, Cloud Security, SSO, Active Directory, OAuth2, SPA
Problem Description
Requirements and Context
- Users and roles management: define roles and rights, including the ability to maintain users according to the company’s policies.
- Authentication: provide seamless login (Single-Sign-On) functionality to the SPA for Data Developers, Data Managers and other SMEs.
- Authorization: only authorized users should be allowed to access the application’s functionality according to the specified role and granted privileges (Principle of Least Privilege).
- Architecture decision for:
  - Identity and Access Management (Keycloak vs company’s Active Directory)
  - Authentication and Authorization protocols (SAML, OpenID Connect, OAuth2)