In the Quarkus Security framework, identity providers play a crucial role in authentication and authorization by verifying user identities.
IdentityProvider creates a
SecurityIdentity instance, which gets used during user authentication to verify and authorize access requests to your Quarkus application.
IdentityProvider converts the authentication credentials provided by
HttpAuthenticationMechanism to a
Some extensions, for example,
SmallRye JWT, have inline
IdentityProvider implementations specific to the supported authentication flow.
quarkus-oidc uses its own
IdentityProvider to convert a token to a
If you use Basic or form-based authentication, you must add an
IdentityProvider instance to convert a username and password to a
To get started with security in Quarkus, consider combining the Quarkus built-in Basic HTTP authentication with the Jakarta Persistence identity provider to enable role-based access control (RBAC).
For more information about Basic authentication, its mechanisms, and related identity providers, see the following resources: