Architecture
The functionality of IdentityManager is provided via a browser-based user interface which is backed by a a RESTful API. It is possible to use the RESTful API directly.
IdentityManager defines an extensible interface called the IdentityManagerService to abstract the identity management system being used. This interface provides metadata for the identity management system, as well as APIs to read and write to the identity management system. The RESTful API is driven by this IdentityManagerService, which in turn drives the user interface.
Currently, MembershipReboot and ASP.NET Identity v2 are the supported identity management systems, but other identity management systems are possible (such as ASP.NET Membership, Active Directory or LDAP). This interface uses a metadata driven approach to drive the API and user interface.
IdentityManager is designed as OWIN middleware and can be run in any OWIN host.
The security model can be configured to only allow users running on the same machine or can be configured to use any Katana based authentication middleware to authenticate users.