Identity
Passport
The identity and authentication platform for BizFirstGO — SSO federation, role-based access control, custom identity providers, and managed service accounts.
SSO Providers
Configure SAML 2.0 and OIDC identity providers — metadata, signing certificates, attribute mapping.
SSO Consumers
BizFirstGO services as OIDC clients — Go.Essentials middleware, JWT validation, tenant-scoped tokens.
IAM
Role-based and attribute-based access control — IIAMPolicyEngine, built-in roles, permission strings.
Custom IAM
Extend IAM with custom resolvers — ICustomPermissionResolver, ICustomRoleProvider, DI registration.
Bring Your Own IAM
Replace Passport with an external identity system — IExternalTokenProvider, claim bridging.
Managed Identities
Service accounts for automated processes — client credentials flow, credential rotation, audit log.