Realms

IQ Server allows users to be identified i.e. authenticated and authorized through various Identity provider services (i.e security realms).

Realms

Internal Realm

This realm identifies users using the IQ Server database. This is the default realm.

LDAP Realm

This realm identifies users using one or more LDAP (Lightweight Directory Access Protocol) servers if configured.

User Token Realm

This is a secondary realm in that it requires a user to identify with their user token, which is generated after identifying with a different primary realm. Given a user token, it identifies the corresponding user using the IQ Server database and any external resources that may be needed depending on which primary realm the user generated their user token with.

Crowd Realm

This realm identifies users using an Atlassian Crowd server if configured.

Reverse Proxy Realm

This realm identifies users via usernames sent in request headers from a reverse proxy server if configured. In this case the reverse proxy server should check user credentials instead of IQ Server.

SAML Realm

This realm identifies users using a SAML (Security Assertion Markup Language) server if configured.

Realm IDs

Some IQ Server REST API endpoints may accept one or more realm IDs, which for reference are listed below.

RealmID
Internal"Internal"
LDAPLDAP Server ID
User Token"UserToken"
Crowd"Crowd"
Reverse Proxy"ReverseProxy"
SAML"SAML"

The LDAP Server ID can be found in the UI, when editting an LDAP Server it is the path segment after "/ldap/edit/" e.g. given "/ldap/edit/143505147bab4daca0d20f45bb11335c" the LDAP Server ID is "143505147bab4daca0d20f45bb11335c". Alternatively a System Administrator can find all LDAP Server IDs by making an HTTP GET request to "/rest/config/ldap".