Commit e1dff69

readme, use cases and architecture portrait
1 parent a3ff5f1 commit e1dff69

2 files changed

Lines changed: 1341 additions & 9 deletions

README.md

Lines changed: 17 additions & 9 deletions
@@ -43,26 +43,34 @@ with Metadata, Authn Requests and Responses.
4343

4444
## Introduction
4545

46-
IAM Proxy Italia is an intermediate between many SAML2/OIDC
47-
Service Providers and many SAML2/OIDC Identity Providers or Wallet authentication sytems based on OpenID4VP.
46+
**IAM Proxy Italia** acts as an intermediary between different digital identity authentication systems, including SAML2/OIDC Providers and eID Wallet authentication systems based on OpenID4VC.
4847

49-
It allows traditional Saml2 Service Providers, or OIDC RP or OAuth2 Clients to communicate with
50-
**Spid**, **CIE** and **eIDAS** Identity Providers adapting Metadata and AuthnRequest operations.
48+
It supports three main use cases:
5149

52-
<img src="gallery/spid_proxy.png" width="256">
50+
**A. Legacy Integration**
51+
Legacy SAML2 Service Providers or OIDC RPs can communicate with SPID, CIE, and eIDAS Identity Providers through metadata and authentication request adaptation.
5352

54-
**Figure1** : _Traditional SAML2 Service Providers (SPs) proxied through the SATOSA SPID Backend gets compliances on AuthnRequest and Metadata operations_.
53+
**B. Wallet Authentication**
54+
Legacy SAML2 Service Providers or OIDC RPs can authenticate users through their eID Wallet Instance using OpenID4VP.
55+
56+
**C. Credential Issuance to Wallet**
57+
Users requesting Digital Credentials from Credential Issuers (OpenID4VCI) can be authenticated through:
58+
- Legacy SAML2/OIDC infrastructure (SPID, CIE, eIDAS)
59+
- Credential Presentations (OpenID4VP)
60+
61+
<img src="gallery/iam-proxy.svg" width="768">
62+
63+
**Figure1** : _The IAM Proxy Italia acts as a centralized intermediary, providing protocol translation and metadata adaptation between legacy SAML2/OIDC Service Providers and various authentication systems including SPID, CIE, eIDAS Identity Providers, and eID Wallet authentication systems based on OpenID4VP._
5564

5665
This solution configures multiple proxy _frontends_ and _backends_
57-
to get communicating systems that, due to protocol or specific
58-
limitations, traditionally could not interact each other.
66+
to get communicating systems facilitating their integrations.
5967

6068

6169
## Demo components
6270

6371
The example project comes with some preconfigured static pages.
6472

65-
<img src="gallery/disco_page.png" width="512">
73+
<img src="gallery/disco_page.png" width="768">
6674

6775
for other page screenshots, see [here](README-GALLERY.md).
6876
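Review bot: The new opening sentence (added line 46) says the wallet systems are "based on OpenID4VC", but use case B and the Figure1 caption in the same hunk say OpenID4VP, as did the removed text. If OpenID4VC is meant as the umbrella for OpenID4VP and OpenID4VCI, say so once; otherwise name OpenID4VP for wallet authentication and OpenID4VCI for issuance, so a reader can tell which protocol the proxy speaks on each side. The same sentence shortens "Service Providers" and "Identity Providers" to "SAML2/OIDC Providers", which hides which side of the proxy each party is on; I would keep the two roles spelled out as the removed lines did. The Figure1 caption covers only the legacy Service Provider flows and does not mention use case C (credential issuance), although it captions the diagram for all three use cases. On added line 66, "to get communicating systems facilitating their integrations" does not parse and drops the reason given in the removed lines 57-58 (systems that could not otherwise interact because of protocol limitations); consider restoring that clause. The new `<img src="gallery/iam-proxy.svg" width="768">` has no alt text.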
