| Wiki Markup |
|---|
{div:style=| Div |
|---|
| style | font-weight:bold;font-size:1.2em; |
|---|
| }[Account Service Home]{div} |
|
| Table of Contents |
|---|
| maxLevel | 7 |
|---|
| minLevel | 3 |
|---|
| maxLevel | 7 |
|---|
|
Description
| Wiki Markup |
|---|
{multi-excerpt:name=brief-description}
The Account service offers operations to manage a CollectionSpace account. To securely access the CollectionSpace services, an account for a user is required in the system. An account is associated with an identity. The identity could reside in the [CollectionSpace Identity Provider (CS IdP)] which is the default identity provider. It could also reside in a foreign identity provider, such as an institution's single sign-on (SSO) system (e.g. [CalNet|https://calnet.berkeley.edu/]), or an [OpenID provider|http://openid.net/get-an-openid/].{multi-excerpt} |
...
The Account service also provides a user management interface for the CS IdP.
| Note |
|---|
In release 0.4 only CS IdP is supported |
Key Concepts
A CollectionSpace user's identity could reside in the default identity provider or a foreign identity provider. Account Service manages an identity only if the identity is stored in the realm managed by the default identity provider. That means, Account Service also provides identity management functions for the default identity provider.
...
| Note |
|---|
- The Person Service is the System of Record (SOR), or authoritative data source, for personIds.
- The SOR for systemIds is TBD.
|
References
- Authentication Service Description and Assumptions
- CollectionSpace Identity Provider (CS IdP)Design notes for multi-tenancy in CollectionSpace
- /wiki/spaces/collectionspace/pages/666274889
Questions