跳至主要内容

Introduction to cloud service authentication and authorization

The basic concepts that decide who can access which applications and services are relatively simple. However, the terminology and all the variations and flavors are not! This course introduces the basic concepts of cloud service authentication and authorization to help you understand the more technical documentation and how-to guides.

Learning objectives

After completing this course, you will be able to:

  • Understand the basic authentication concepts and terminology.
  • Describe how to configure Cognite Data Fusion (CDF) to use an identity provider.

Prerequisites

There are no prerequisites for this course. However, readers with some IT knowledge or experience will find the concepts easier to understand.

Key concepts

Here are some of the key concepts we'll have a closer look at:

  • A digital identity is an entity that can be granted access. Digital identities are usually associated with one or more secrets (passwords, keys) or other attributes that allow an entity to prove it's the true holder of the identity.

  • An identity provider (IdP) is a service that stores and manages digital identities. Organizations use IdPs to allow users and applications (identities) to connect securely with the resources they need.

  • Authentication is about determining the identity of a person or application trying to access a resource. It establishes if they are who they say they are.

  • Authorization is about determining what level of access an authenticated person or application has. It specifies what data they're allowed to access and what they can do with it.

In the following units, you will learn more about these basic building blocks and explore them using an analogy of a hotel room with key cards to control access.

More information

About identity and access management