SSO Solutions Flashcards

1
Q

XML

A

Extensible Markup Language. Data description and exchange language used by SSO applications to exchange information

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

SAML

A

Security Assertion Markup Language: Uses XML to exchange authentication and authorization information between federated organizations.

Provides SSO for browser access.

Adopted by OASIS as a standard

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

SAML Entities

A

Principle or User
Identity Provider
Service Provider

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

SAML Assertions

A

Authentication
Authorization
Attributes

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

OAuth 2.0

A

Authorization (not authentication) framework.
RFC 6749 and maintained by IETF
Authorizes one application to use another by issuing tokens

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

OpenID

A

Maintained by OpenID foundation and not an RFC or IETF

Allows for decentralized authentication (not authorization) where you can login to multiple unrelated sites using credentials from an OpenID provider.

Uses your OpenID identifier.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

OIDC

A

OpenID Connect

Provides authentication and authorization services

This is how you can login to service using Google or Apple accounts.

Maintained by OpenID foundation

Uses JSON Web Tokens (JWT)

JWTs can provide information about the user as well

How well did you know this?
1
Not at all
2
3
4
5
Perfectly