MyIdentityGraph Ontology

A domain ontology represents concepts. MyIdentityGraph defines an information schema specific to the Identity and IoT Domain and an implementation applied to the use at SSOCircle.

  • Entities represent subjects like persons, services, data or devices (Vertices in the Graph)
  • Verbs represent relationships between entities (Edges in the Graph)
  • Attributes describe properties of an entity or a verb


Identity vertices represent subjects which own resources or have other access permissions to act on resources. Identities may delegate their rights to other identities and as such hand over their access permissions to other identities. Currently the following classes of identities are available at SSOCircle MyIdentityGraph:

Identity Super Resource
Person Identity

Resource vertices represent objects which are owned by a Person. Currently the following classes of resources are availabe at SSOCircle MyIdentityGraph:

Identity Super Resource Parent Super Resource
UserProfileData Data Resource
Yubikey Device
SAMLServiceProvider Provider



Permissions are represented as Graph Edges of the corresponding type and start at an Identity Vertex and end at a Resource Vertex.

Permissions and Permission Requests
Permission / Request Super Class
read Permission
reqRead Request


Permissions to a resource can be requested at the owner of the resource. Permission requests are represented as Graph Edges and start at an Identity Vertex. The following permission and corresponding request types are defined

Request – Permission correspondence
Permission Request
read reqRead
read reqRead
write reqWrite
execute reqExecute
read reqRead

Delegations are represented as Graph Edges and start at an Identity Vertex and end at another Identity Vertex. A Delegation is a special type of Permission.

Edge Super Class Parent Super Class
delegate Delegation Permission


Other relationships are represented as Graph Edges. Here we summarize relationships which do not inherit from permission type. For example, a user who federates to a SAML or OpenID service provider creates a “federate” relation between his person node and the provider.

Other Relations
Edge Super Class
federate Relation

Attributes are specific to the entity or the verb. Some examples are listed below

Entity Attributes
UserProfileData Lastname, Givenname, Email, Initials
Person public profile attributes like Lastname, Givenname, Email
SAMLServiceProvider EntityID
Yubikey YubikeyID


The formal MyIdentityGraph (MIDG) ontology format description is described in Resource Description Format (RDF) – coming soon.

agen slot online Aplikasi Capsa Susun online Daftar Bandar Ceme Online agen ion casino Baccarat Online Roulette Online Dadu Online Sicbo Online ionclub Baccarat Online Roulette Online Dadu Online Sicbo Online daftar situs judi slot online terpercaya Bandar Togel sbobet casino Sabung Ayam Bandar Sakong Online Agen Slot