SCS is able to be federate out to external IdP

[fkr]

As a SCS Customer I want to login to SCS clouds with an external IdP.

Definition of Ready:

• [ ] User Story is small enough to be finished within one sprint
• [ ] User Story is clear and understood by the whole team
• [ ] Acceptance criteria are defined
• [ ] Acceptance criteria are clear and understood by the whole team

Understanding and documentation needed for the following points:

• [x] For all following cases we need to be able to import SSL certificates for external IdPs into the SCS IdP
• [ ] As a SCS customer I want to come with a my own identities, managed in my IAM
• [ ] As a SCS customer I want to come with a public well known IdP (google, github, ...)
• [ ] As a SCS Developer, I want to instantly be able to login on my newly deployed testbed with an existing IdP, e.g. GitHub
• [ ] As a SCS Developer, I want to be able to login on the dev- and testing hardware with an existing IdP
• [ ] All acceptance criteria are met
• [ ] Changes have been reviewed
• [ ] CI tests have run successfully
• [ ] Documentation has been updated
• [ ] Release Notes have been updated

[reqa]

I've added these two points on the top of the DoD:

- [ ] For all following cases we need to be able to import SSL certificates for external IdPs into the SCS IdP
- [ ] As a SCS customer I want to come with a my own identities, managed in my IAM

[garloff]

OK, next is to document SSL cert import (testbed doc).

[JuanPTM]

Created a MR on the osism/testbed with a readme on how to add a SSL certificate to Keycloak truststore.

https://github.com/osism/testbed/pull/1636

[garloff]

Basically works. ToDo:

• Can we test against publicly available IdPs?
• Documentation should we checked for completeness.