OAuth and OpenID Connect

OAuth 2.0 and OpenID Connect (OIDC 1.0) are different but highly related protocols and they are often confused. When we talk about IAM (identity and access management), we should first distinguish between Authentication (AuthN) and Authorization (AuthZ): AutheNtication (AuthN, aka Identity Management) is about validating user’s identity by verifying that the user trying to connect … Read moreOAuth and OpenID Connect

Security Assertion Markup Language (SAML)

SAML is an XML-based standard for exchanging authentication and authorization data between IdP (identity provider) and service provider. We can compare SAML with LDAP (as authentication protocol) as both are to provide single-sign-on (SSO) feature. LDAP is considered traditional configuration in on-premise operation for organizations. The configuration can be complex and administrators needs to complete … Read moreSecurity Assertion Markup Language (SAML)