Cloud Foundry includes a component called the User Account and Authentication (UAA) service which was introduced about a year ago. It provides user account management and authentication for developers that push applications to cloudfoundry.com, including single signon with support.cloudfoundry.com, micro.cloudfoundry.com, and more on the way. It also provides delegated authorization capabilities to partner sites so that they can interact with Cloud Foundry on a user’s behalf without access to user credentials.

An introduction and details of the UAA from a developer perspective can be found in earlier blog posts. In this post I will focus on the UAA’s integration of three emerging identity standards and what that implies for some specific Cloud Foundry deployment patterns.

Check the all article in the Cloud Foundry blog