You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: README.md
+17-9Lines changed: 17 additions & 9 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -43,26 +43,34 @@ with Metadata, Authn Requests and Responses.
43
43
44
44
## Introduction
45
45
46
-
IAM Proxy Italia is an intermediate between many SAML2/OIDC
47
-
Service Providers and many SAML2/OIDC Identity Providers or Wallet authentication sytems based on OpenID4VP.
46
+
**IAM Proxy Italia** acts as an intermediary between different digital identity authentication systems, including SAML2/OIDC Providers and eID Wallet authentication systems based on OpenID4VC.
48
47
49
-
It allows traditional Saml2 Service Providers, or OIDC RP or OAuth2 Clients to communicate with
50
-
**Spid**, **CIE** and **eIDAS** Identity Providers adapting Metadata and AuthnRequest operations.
48
+
It supports three main use cases:
51
49
52
-
<imgsrc="gallery/spid_proxy.png"width="256">
50
+
**A. Legacy Integration**
51
+
Legacy SAML2 Service Providers or OIDC RPs can communicate with SPID, CIE, and eIDAS Identity Providers through metadata and authentication request adaptation.
53
52
54
-
**Figure1** : _Traditional SAML2 Service Providers (SPs) proxied through the SATOSA SPID Backend gets compliances on AuthnRequest and Metadata operations_.
53
+
**B. Wallet Authentication**
54
+
Legacy SAML2 Service Providers or OIDC RPs can authenticate users through their eID Wallet Instance using OpenID4VP.
55
+
56
+
**C. Credential Issuance to Wallet**
57
+
Users requesting Digital Credentials from Credential Issuers (OpenID4VCI) can be authenticated through:
**Figure1** : _The IAM Proxy Italia acts as a centralized intermediary, providing protocol translation and metadata adaptation between legacy SAML2/OIDC Service Providers and various authentication systems including SPID, CIE, eIDAS Identity Providers, and eID Wallet authentication systems based on OpenID4VP._
55
64
56
65
This solution configures multiple proxy _frontends_ and _backends_
57
-
to get communicating systems that, due to protocol or specific
58
-
limitations, traditionally could not interact each other.
66
+
to get communicating systems facilitating their integrations.
59
67
60
68
61
69
## Demo components
62
70
63
71
The example project comes with some preconfigured static pages.
64
72
65
-
<imgsrc="gallery/disco_page.png"width="512">
73
+
<imgsrc="gallery/disco_page.png"width="768">
66
74
67
75
for other page screenshots, see [here](README-GALLERY.md).
0 commit comments