4.2.2. Identity

Identity service main objective is to give freedom to system administrators to leverage a particular organization user repository. Traditional user directories such LDAP, ActiveDirectory as well as any other user repository (database or API) can be plugged as implementations of this service.

By default, some user repositories implementations are provided for testing purposes: in memory, basic FileSystem based persistence, and basic database persistence (based on a predefined database schema). Those implementations can also be used in production if there is no other user repository available.

The Identity service is so an extensible interface (known as IdentityServiceOp) build around three main concepts: Users, Groups and Memberships:

Both Security and Human Task services will leverage the Identity one by checking user login/password and user rights (Security) and by assigning manual activities to users based on some hierarchical information (Human Tasks)