Merge pull request #108 from coreos/bobbyrullo-patch-1

Update README.md
This commit is contained in:
bobbyrullo 2015-09-02 18:06:22 -07:00
commit 507649750c

View file

@ -5,7 +5,7 @@ dex
dex is a federated identity management service. It provides OpenID Connect (OIDC) to users, and can proxy to multiple remote identity providers (IdP) to drive actual authentication, as well as managing local username/password credentials. dex is a federated identity management service. It provides OpenID Connect (OIDC) to users, and can proxy to multiple remote identity providers (IdP) to drive actual authentication, as well as managing local username/password credentials.
We named the project 'dex' beceause it is a central index of users that other pieces of software can authenticate against. We named the project 'dex' because it is a central index of users that other pieces of software can authenticate against.
## Architecture ## Architecture
@ -16,11 +16,11 @@ dex consists of multiple components:
- host a user-facing API that drives the OIDC protocol - host a user-facing API that drives the OIDC protocol
- proxy to remote identity providers via "connectors" - proxy to remote identity providers via "connectors"
- provides an API for administrators to manage users. - provides an API for administrators to manage users.
- **dex-overlord** is an auxiliary process responsible for two things: - **dex-overlord** is an auxiliary process responsible for various administrative tasks:
- rotation of keys used by the workers to sign identity tokens - rotation of keys used by the workers to sign identity tokens
- garbage collection of stale data in the database - garbage collection of stale data in the database
- provides an API for bootstrapping the system. - provides an API for bootstrapping the system.
- **dexctl** is CLI tool used to manage an dex deployment - **dexctl** is a CLI tool used to manage a dex deployment
- configure identity provider connectors - configure identity provider connectors
- administer OIDC client identities - administer OIDC client identities
- **database**; a database is used to for persistent storage for keys, users, - **database**; a database is used to for persistent storage for keys, users,