A security profile defines the security operations to be performed
by input and output nodes.
Security profiles contain values for the following properties:
- Authentication
- Defines the type of authentication that is performed on the source identity.
This property applies to input nodes. For more information, see Authentication.
- AuthenticationConfig
- This is a provider-specific configuration string. It typically defines
the information that the authentication client needs to connect to the provider,
and the information needed to look up the identity tokens. This property applies
to input nodes.
- Mapping
- Defines the type of mapping that is performed on the source identity.
This property applies to input nodes. For more information, see Identity mapping.
- MappingConfig
- This is a provider-specific configuration string. It typically defines
how the client connects to the provider, and contains additional information
required to look up the mapping routine. This property applies to input nodes.
- Authorization
- Defines the types of authorization checks that are performed on the mapped
or source identity. This property applies to input nodes. For more information,
see Authorization.
- AuthorizationConfig
- This is a provider-specific configuration string. It typically provides
information on how to connect to the provider, and also some information that
can be used to check access (for example, a group that can be checked for
membership). This property applies to input nodes.
- Propagation
- Enables or disables identity propagation on output and request nodes.
For more information, see Identity propagation.
For information on configuring a security profile for LDAP or TFIM, see Configuring a security profile.