Slides for a scalable, robust OIDC identity provider with an extensible architecture. The design follows these tenets:
- Scalability starts at the client: clients need to be able to “take their business” to any service that is open. If the service fails, they can go to another one.
- Definition of availability: clients have a different view on availability than, e.g., third-party services or system administrators. For a client, the system may be “down” if they cannot connect to “their” application while all other applications work fine.
- SLAs: major cloud providers don’t guarantee a minimum availability; there’s just money credited if availability falls below X%. To achieve an arbitrary availability level, a system must span multiple data centres and providers.
- Scalability and availability are interwoven: you cannot have one without the other.
Here are the slides.
And here is the accompanying ArchiMate model, which can be viewed and edited with the excellent Archi.