Manage Users

ICOS IAM Service

All operations within the ICOS Continuum require authentication and proper authorization before execution. These functionalities are provided by the Identity and Access Management (IAM) component, which is invoked in nearly all interactions between components and is integral to the realization of all functionalities.

Three scenarios are analyzed to demonstrate how:

  1. Users' authentication and authorization are achieved.
  2. Service-to-Service authentication and authorization are achieved.
  3. Cross-Controller identities and authorization are achieved.

The IAM component manages users who are Application Integrators interacting with ICOS for deploying and managing their applications. This does not include end users of the applications or devices within the Cloud Continuum.

All workflows rely on the OAuth 2.0 protocol for communication between components, ensuring state-of-the-art security, trust, and easy integration with both existing and new components.