The English version of quarkus.io is the official project site. Translated sites are community supported on a best-effort basis.

身份提供者(Identity Providers)

In the Quarkus Security framework, identity providers play a crucial role in authentication and authorization by verifying user identities. IdentityProvider creates a SecurityIdentity instance, which gets used during user authentication to verify and authorize access requests to your Quarkus application.

IdentityProviderHttpAuthenticationMechanism 提供的认证凭证转换为 SecurityIdentity 实例。

Some extensions, for example, OIDC, OAuth2, and SmallRye JWT, have inline IdentityProvider implementations specific to the supported authentication flow. For example, quarkus-oidc uses its own IdentityProvider to convert a token to a SecurityIdentity instance.

If you use Basic or form-based authentication, you must add an IdentityProvider instance to convert a username and password to a SecurityIdentity instance.

To get started with security in Quarkus, consider combining the Quarkus built-in Basic HTTP authentication with the Jakarta Persistence identity provider to enable role-based access control (RBAC).

For more information about Basic authentication, its mechanisms, and related identity providers, see the following resources:

Related content