In the Quarkus Security framework, identity providers play a key role in authentication and authorization, providing services for storing and verifying user identities.
The Jakarta Persistence
IdentityProvider creates a
SecurityIdentity instance used during user authentication to verify and authorize access requests, making your Quarkus application secure.
IdentityProvider converts the authentication credentials provided by
HttpAuthenticationMechanism to a
Some extensions, for example,
SmallRye JWT have inline
IdentityProvider implementations specific to the supported authentication flow.
quarkus-oidc uses its own
IdentityProvider to convert a token to a
If you use Basic or form-based authentication, you must add an
IdentityProvider instance that can convert a username and password to a
To get started with security in Quarkus, we recommend you combine the Quarkus built-in Basic HTTP authentication with the Jakarta Persistence identity provider to enable role-based access control (RBAC).
For more information about Basic authentication, its mechanisms, and related identity providers, see the following resources: