Canonical Identity Platform

Composable identity provider and identity broker system based on Juju.

The Canonical Identity Platform is the simplest way to add single sign on (SSO) for charmed workloads and centralized authentication, authorisation and access governance controls.

See more: Identity Platform

The Canonical Identity Platform uses best of breed open source software to provide:

  • The ability to configure SSO with third party, OIDC compliant identity providers (e.g. Azure AD, Google, Okta, etc.)
  • A standard compliant OAuth/OIDC server
  • User and client management functionalities
  • A relationship based access control (ReBAC) backend
  • A login UI and error pages

While primarily designed for charmed workloads the Canonical Identity Platform can also be used to protect traditional Kubernetes and Virtual Machine based applications.

In this documentation

Tutorial
Get started - a hands-on introduction for new users deploying the Identity Platform
How-to guides
Step-by-step guides covering key operations and common tasks
Reference
Technical information - specifications, APIs, architecture
Explanation
Discussion and clarification of key topics related to Identity Platform

Project and community

The Canonical Identity Platform is a member of the Ubuntu family. It’s an open source project that warmly welcomes community projects, contributions, suggestions, fixes and constructive feedback.

Thinking about using the Canonical Identity Platform for your next project? Get in touch with the team!

Navigation

Navigation
Level Path Navlink
1 overview Home
1 tutorials Tutorial
2 tutorials/e2e-tutorial Getting started with the Canonical Identity Platform
2 tutorials/identity-access-proxy-tutorial Getting started with the Canonical Identity and Access Proxy
1 how-to How-to guides
2 how-to/integrate-external-identity-provider Integrate with external identity providers
2 how-to/integrate-oidc-compatible-charms Integrate with OIDC compatible charms
2 how-to/integrate-cos Integrate with Canonical Observability Stack
2 how-to/ory-database-migration Perform Database Migration with Identity Platform Components
2 how-to/use-local-identity-provider Use local identity provider
2 how-to/manage-users Manage users
1 reference Reference
2 reference/bundles Bundles
2 reference/self-service-flows Self-service flows
3 reference/bundles/identity-platform Identity Platform
3 reference/bundles/architecture Architecture
3 reference/bundles/login-flow Login flow
2 reference/observability Observability setup
3 reference/observability/kratos-observability Kratos Observability
3 reference/observability/hydra-observability Hydra Observability
3 reference/observability/identity-platform-login-ui-observability Identity Platform Login UI Observability
2 reference/kubernetes-charms Kubernetes Charms
3 reference/kubernetes-charms/hydra Hydra
3 reference/kubernetes-charms/kratos Kratos
3 reference/kubernetes-charms/kratos-external-idp-integrator Kratos External IdP Integrator
3 reference/kubernetes-charms/idp-ui Identity Platform Login UI
1 explanation Explanation
2 explanation-security Security in Canonical Identity Platform