Single Sign On (SSO) Flashcards
What is Single Sign On (SSO)?
Single Sign On (SSO) is a session and user authentication service that permits a user to use one set of login credentials (such as a name and password) to access multiple applications.
SSO can be used by enterprises, smaller organizations and individuals to ease the management of various usernames and passwords.
What is SAML?
Security Assertion Markup Language (SAML) is an open standard for exchanging authentication and authorization data between parties, in particular between an identity provider and a service provider.
What is OAuth 2.0 (OAuth2)?
OAuth 2.0 is an open standard or framework for authorization, giving a consistent pattern to request, receive and apply authorization policies across resources.
A typical use case is granting websites or applications access to a user's information on other websites without giving them the password (e.g. authenticating API requests to other websites).
It can also be used for authorization and SSO.
Think of the hotel analogy: the hotel is the authorization server; your license is your authentication; the room key is the access token resulting from authn and authz at the hotel; the room is the resource to protect.
What is OpenID Connect (OIDC)?
OIDC is an identity layer built on top of the OAuth 2.0 framework, designed specifically for SSO use cases, and it provides authorization.
OIDC gives structure to a user profile so that you can share it selectively, e.g. sharing specific attributes of a profile rather than the entire profile.
Typically used for consumer SSO. Might replace SAML as it is more lightweight.