Identity, authentication, and service-catalogue service — issues tokens, manages users and projects, federates with external identity providers (LDAP, SAML, OIDC), and exposes the service catalogue every other OpenStack project consumes for endpoint discovery
FluffyStack toolsJurisdictional exposure
Sub-services (3)
Domains
Top-level identity boundaries containing projects and users
Federation
SAML2 and OIDC federation with external identity providers
Policies
RBAC policy framework consumed by every service for authorisation
Tags
Equivalent services on other platforms
Alibaba Cloud's identity and access management service with users, groups, roles, fine-grained JSON policies, SAML 2.0 federation to enterprise IdPs, and Security Token Service for temporary credentials
Centralised identity and access management with users, groups, roles, and fine-grained JSON policies, MFA enforcement, identity federation, and IAM Access Analyzer
Cloud identity and access management (formerly Azure AD) with SSO, MFA, conditional access, B2B and B2C guest accounts, and privileged identity management
Fine-grained identity and access management with predefined and custom roles, service accounts, workload identity federation, and audit logging
Centralised identity management for Huawei Cloud with users, user groups, role-based and fine-grained policies, federated identity via SAML/OIDC, MFA, and temporary credentials through Security Token Service
Enterprise identity-as-a-service covering workforce and customer identity with federation (SAML, OIDC), social sign-in, MFA, risk-based adaptive authentication, and delegated administration — the rebranded OCI IAM Identity Cloud Service
Tencent Cloud's identity and access management service with sub-accounts, user groups, roles, fine-grained JSON policies, SAML and OIDC federation, MFA, temporary credentials via Security Token Service, and cross-account role assumption