OAuth and OpenID Connect

OAuth 2.0 and OpenID Connect 1.0 are different types of protocols and they are often confused. When we talk about IAM (identity and access management), we should distinguish between AuthZ and AuthN: AutheNtication (AuthN, aka Identity Management) is about validating user’s identity by verifying that the user trying to connect is actually who it claims … Read moreOAuth and OpenID Connect

Security Assertion Markup Language (SAML)

SAML is an XML-based standard for exchanging authentication and authorization data between IdP (identity provider) and service provider. We can compare SAML with LDAP (as authentication protocol) as both are to provide single-sign-on (SSO) feature. LDAP is considered traditional configuration in on-premise operation for organizations. The configuration can be complex and administrators needs to complete … Read moreSecurity Assertion Markup Language (SAML)