The Alfresco Identity Service Architecture is currently provided by an open source Identity and Access Management solution called Keycloak.
Configuration of Keycloak provides integration options for existing Identity Providers and User Databases to support Single Sign On (SSO) capabilities for Alfresco Process Services. Keycloak utilizes the OpenID Connect protocol to authenticate with Alfresco Process Services.
Authentication protocols such as SAML 2.0 and OAuth 2.0 are supported by Keycloak. LDAP and Active Directory (AD) providers are configurable within Keycloak for user federation.
Keycloak needs to be downloaded and configured separately to authenticate with Alfresco Process Services.