Skip to content

Commit

Permalink
Update identity provider list
Browse files Browse the repository at this point in the history
NSF is no longer registered, but many others are.
  • Loading branch information
mogul authored Apr 3, 2024
1 parent 18e5b7f commit 5c2c578
Showing 1 changed file with 20 additions and 5 deletions.
25 changes: 20 additions & 5 deletions _docs/management/leveraging-authentication.md
Original file line number Diff line number Diff line change
Expand Up @@ -7,11 +7,26 @@ redirect_from:
title: Leveraging cloud.gov authentication
---

cloud.gov uses Cloud Foundry's [User Account and Authentication (UAA) server](https://docs.cloudfoundry.org/concepts/architecture/uaa.html) to provide identity management capabilities for the cloud.gov platform.

App developers can leverage cloud.gov's UAA instance as a backend that brokers authentication with [supported identity providers]({{ site.baseurl }}{% link _docs/getting-started/accounts.md %}#get-access-to-cloudgov) (currently EPA, FDIC, GSA, NSF, and a cloud.gov provider that supports other agencies). You can use cloud.gov's authentication brokering if the users that you need to authenticate in your application are federal employees and contractors who can use those authentication methods.

This service handles only authentication, not authorization -- it's up to your application to manage what they can access within the application. Once you set it up, you can direct your users to the [list of ways to get cloud.gov access]({{ site.baseurl }}{% link _docs/getting-started/accounts.md %}#get-access-to-cloudgov); they don't need any org or space roles, they just need to be able to log into cloud.gov.
cloud.gov uses Cloud Foundry's [User Account and Authentication (UAA) server](https://docs.cloudfoundry.org/concepts/architecture/uaa.html) to provide identity access capabilities for the cloud.gov platform.

You can leverage cloud.gov's authentication system to enable users to log into your application. This service handles only authentication, not authorization -- it's up to your application to manage what they can access within the application. The supported identity providers are:

- DOJ.gov
- ED.gov
- EPA.gov
- FDIC.gov
- FEC.gov
- FRTIB.gov
- GSA.gov
- MCC.gov
- NIH.gov
- OMB.gov
- ONRR.gov
- SSA.gov

In addition, you can direct users with a valid federal email address to the [list of ways to get cloud.gov access]({{ site.baseurl }}{% link _docs/getting-started/accounts.md %}#get-access-to-cloudgov) to sign up for a cloud.gov account; they don't need any org or space roles, they just need to be able to log into cloud.gov.

You can use cloud.gov's authentication brokering if the users that you need to authenticate in your application are federal employees and contractors who can use those authentication methods.

## Using cloud.gov authentication

Expand Down

0 comments on commit 5c2c578

Please sign in to comment.