The Canonical Identity Platform is the simplest way to add single sign on (SSO) for charmed workloads and centralized authentication, authorisation and access governance controls.

See more: Identity Platform

The Canonical Identity Platform uses best of breed open source software to provide:

The ability to configure SSO with third party, OIDC compliant identity providers (e.g. Azure AD, Google, Okta, etc.)
A standard compliant OAuth/OIDC server
User and client management functionalities
A relationship based access control (ReBAC) backend
A login UI and error pages

While primarily designed for charmed workloads the Canonical Identity Platform can also be used to protect traditional Kubernetes and Virtual Machine based applications.

In this documentation


Tutorial Get started - a hands-on introduction for new users deploying the Identity Platform	How-to guides Step-by-step guides covering key operations and common tasks
Reference Technical information - specifications, APIs, architecture	Explanation Discussion and clarification of key topics related to Identity Platform

Project and community

The Canonical Identity Platform is a member of the Ubuntu family. It’s an open source project that warmly welcomes community projects, contributions, suggestions, fixes and constructive feedback.

Thinking about using the Canonical Identity Platform for your next project? Get in touch with the team!

Help improve this document in the forum (guidelines). Last updated a month ago.