What is an Identity Provider (IdP)?
An identity provider (IdP) is a system that creates, stores, and manages digital identities. The IdP can either authenticate the user directly or provide authentication services to third-party service providers (apps, websites, or other digital services).
Simply put, an IdP offers user authentication as a service. For example, you can use your Google account credentials to log in to Spotify. Here Google Sign-In is the IdP and Spotify is the service provider (SP). Any website that requires a login uses an IdP to authenticate users. A password or other authentication factor may be used to authenticate the user.
From an IdP perspective, a user is known as a principal. A principal can be a human or a machine. An IdP can authenticate any entity, including devices. The purpose of an IdP is to track these entities and know where and how to retrieve the principal identities that determine whether a person or device can access sensitive data.