In this guide, we'll walk you through extending your on‑premises Microsoft Active Directory Domain Services (AD DS) and Active Directory Federation Services (AD FS) in order to establish a secure, claims‑based federation with Open Telekom Cloud's Identity and Access Management (IAM) platform. We are going to leverage the SAML 2.0 protocol to achieve seamless single‑sign‑on between your on-premises corporate directory and the Open Telekom Cloud IAM, ensuring both strong security and a smooth user experience.
We found 14 articles tagged with "security"
Authentik is a modern, open-source Identity Provider (IdP) that offers flexible and secure authentication and authorization solutions for organizations of all sizes. It provides a comprehensive suite of identity management features, allowing businesses to centralize user authentication, implement single sign-on (SSO), and manage access to various applications and services.
This guide will walk you through the process of integrating authentik with the Identity and Access Management (IAM) of Open Telekom Cloud using OAuth 2.0.
This topic walks you through how to combine dedicated WAF instances and layer-7 load balancers to protect your services over non-standard ports that cannot be protected with WAF alone. For ports supported by WAF, see Ports Supported by WAF.
WAF provides three anti-crawler policies: bot detection by identifying the User-Agent, website anti-crawler by checking browser validity, and CC attack protection by limiting the access frequency. Together, they comprehensively mitigate crawler attacks against your websites.
This tutorial will guide you through the process of setting up authentik on your CCE Kubernetes environment.
In this blueprint, we are going to discuss the steps to install Keycloak on a CCE cluster in Open Telekom Cloud.
This guide walks through the deployment of ZITADEL within a Cloud Container Engine (CCE) Kubernetes cluster on Open Telekom Cloud. It covers the necessary configuration steps, from preparing the environment to running ZITADEL as a production-ready identity management service within your Kubernetes workload.
Identity Federation with GitHub refers to the process of allowing users to authenticate using their GitHub credentials to access various applications and services. This method leverages GitHub as an identity provider (IdP), enabling single sign-on (SSO) capabilities and simplifying user management across different platforms.
Identity Federation in Keycloak refers to the ability to use external identity providers to authenticate users in your application. In this context, GitHub can be used as an identity provider, allowing users to log in to your Open Telekom Cloud tenant using their GitHub credentials. Users can choose to log in with their GitHub accounts and Keycloak takes care of the authentication process, providing a seamless experience for users while ensuring security and centralized identity management for external accounts that are not actively managed in your tenant's IAM.
Keycloak is an open-source identity and access management (IAM) solution
Microsoft offers an on‑premises identity foundation with Active Directory Domain Services (AD DS), which centralizes user and group object management, policy enforcement and directory lookups within a Windows Server forest and domain hierarchy. Microsoft Active Directory (AD) is an on‑premises directory service that centralizes the management of users, computers and security policies within a Windows Server domain. It uses the Lightweight Directory Access Protocol (LDAP) for querying directory objects, Kerberos for secure ticket‑based authentication, and Group Policy Objects (GPOs) for enforcing configuration settings across machines. AD stores information in a hierarchical, multi‑master “forest” topology—composed of domains, trees and organizational units—which allows IT teams to delegate administrative control and segment resources according to business or geographic needs.
ZITADEL is an identity and access management platform designed for cloud-native environments. It implements open standards like OAuth2 and OpenID Connect to handle authentication and authorization processes in distributed applications. With a multi-tenant architecture, it supports centralized user identity management while accommodating various scenarios such as single sign-on and federated authentication. Its design facilitates integration with a wide range of web services and applications without imposing proprietary restrictions.
This guide outlines the steps required to integrate ZITADEL with the Identity and Access Management (IAM) of Open Telekom Cloud using the SAML 2.0 standard. The objective is to configure ZITADEL as a trusted external Identity Provider (IdP), enabling federated login for OTC users and services. This setup allows your ZITADEL-managed identities to authenticate against Open Telekom Cloud resources, forming a bridge between your custom IAM solution and the native authentication infrastructure of Open Telekom Cloud.