Chapter 3. Identity providers
In the Quarkus Security framework, identity providers play a crucial role in authentication and authorization by verifying user identities. IdentityProvider
creates a SecurityIdentity
instance, which gets used during user authentication to verify and authorize access requests to your Quarkus application.
IdentityProvider
converts the authentication credentials provided by HttpAuthenticationMechanism
to a SecurityIdentity
instance.
Some extensions, for example, OIDC
, OAuth2
, and SmallRye JWT
, have inline IdentityProvider
implementations specific to the supported authentication flow. For example, quarkus-oidc
uses its own IdentityProvider
to convert a token to a SecurityIdentity
instance.
If you use Basic or form-based authentication, you must add an IdentityProvider
instance to convert a username and password to a SecurityIdentity
instance.
To get started with security in Quarkus, consider combining the Quarkus built-in Basic HTTP authentication with the Jakarta Persistence identity provider to enable role-based access control (RBAC).
For more information about Basic authentication, its mechanisms, and related identity providers, see the following resources: