Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Update identity provider list #2486

Closed
wants to merge 1 commit into from
Closed

Update identity provider list #2486

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
25 changes: 20 additions & 5 deletions _docs/management/leveraging-authentication.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,11 +7,26 @@ redirect_from:
title: Leveraging cloud.gov authentication
---

cloud.gov uses Cloud Foundry's [User Account and Authentication (UAA) server](https://docs.cloudfoundry.org/concepts/architecture/uaa.html) to provide identity management capabilities for the cloud.gov platform.

App developers can leverage cloud.gov's UAA instance as a backend that brokers authentication with [supported identity providers]({{ site.baseurl }}{% link _docs/getting-started/accounts.md %}#get-access-to-cloudgov) (currently EPA, FDIC, GSA, NSF, and a cloud.gov provider that supports other agencies). You can use cloud.gov's authentication brokering if the users that you need to authenticate in your application are federal employees and contractors who can use those authentication methods.

This service handles only authentication, not authorization -- it's up to your application to manage what they can access within the application. Once you set it up, you can direct your users to the [list of ways to get cloud.gov access]({{ site.baseurl }}{% link _docs/getting-started/accounts.md %}#get-access-to-cloudgov); they don't need any org or space roles, they just need to be able to log into cloud.gov.
cloud.gov uses Cloud Foundry's [User Account and Authentication (UAA) server](https://docs.cloudfoundry.org/concepts/architecture/uaa.html) to provide identity access capabilities for the cloud.gov platform.

You can leverage cloud.gov's authentication system to enable users to log into your application. This service handles only authentication, not authorization -- it's up to your application to manage what they can access within the application. The supported identity providers are:

- DOJ.gov
- ED.gov
- EPA.gov
- FDIC.gov
- FEC.gov
- FRTIB.gov
- GSA.gov
- MCC.gov
- NIH.gov
- OMB.gov
- ONRR.gov
- SSA.gov

In addition, you can direct users with a valid federal email address to the [list of ways to get cloud.gov access]({{ site.baseurl }}{% link _docs/getting-started/accounts.md %}#get-access-to-cloudgov) to sign up for a cloud.gov account; they don't need any org or space roles, they just need to be able to log into cloud.gov.

You can use cloud.gov's authentication brokering if the users that you need to authenticate in your application are federal employees and contractors who can use those authentication methods.

## Using cloud.gov authentication

Expand Down
Loading