Identity Operations
Project Summary
| Field | Value |
|---|---|
| PRJ ID | PRJ-SPOKE-008 |
| Owner | Evan Rosado |
| Priority | P2 (Medium) |
| Status | Planned |
| Repository | |
| Antora Component | |
| Antora Title | Identity & SSO |
| Category | Identity |
| 2026 Commits | 18 |
| Site URL | |
Purpose
The Identity & SSO component documents identity federation, single sign-on, and directory services integration. It covers SAML/OIDC flows with Keycloak, FreeIPA deployment, Active Directory trust relationships, and SSO integration patterns for infrastructure services.
This spoke bridges the gap between AD-based authentication (documented in ise-linux/ise-windows) and modern identity federation for web services and applications.
Scope
In Scope
- Keycloak deployment and realm configuration
- FreeIPA server installation and management
- SAML and OIDC identity federation
- Active Directory trust relationships
- SSO integration for Grafana, Vault, Gitea, and other services
- LDAP directory architecture
- Multi-factor authentication (MFA) patterns
Out of Scope
- AD join procedures for endpoints (covered by ise-linux)
- Credential storage and rotation (covered by secrets-ops)
- Network access control policies (covered by ise-ops)
Status
| Indicator | Detail |
|---|---|
| Activity Level | Planned — 18 commits, foundational structure |
| Maturity | Early — minimal attribute system, nav established |
| Last Activity | 2026 |
| Key Milestone | Keycloak and FreeIPA deployment planning |
| Deployment Status | Keycloak and FreeIPA VMs allocated, documentation in early stages |
Metadata
| Field | Value |
|---|---|
| PRJ ID | PRJ-SPOKE-008 |
| Author | Evan Rosado |
| Date Created | 2026-03-30 |
| Last Updated | 2026-03-30 |
| Status | Planned |
| Next Review | 2026-04-15 |