1 / 2

OpenID Connect turns sso into a standard oauth- protected id

OpenID Connect sso authentication a simple JSON/REST-based interoperable identity protocol built on top of the OAuth 2.0 family of specifications. Its design philosophy is ‘make simple things simple and make complicated things possible’.

gluu
Télécharger la présentation

OpenID Connect turns sso into a standard oauth- protected id

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. OpenID Connect turns sso into a standard oauth- protected identity API OpenID Connect sso authentication a simple JSON/REST-based interoperable identity protocol built on top of the OAuth 2.0 family of specifications. Its design philosophy is ‘make simple things simple and make complicated things possible’. While OAuth 2.0 is a generic access authorization delegation protocol, thus enabling the transfer of arbitrary data, it does not define ways to authenticate users or communicate information about them. OpenID Connect provides a secure, flexible, and interoperable identity layer on top of OAuth 2.0 so that digital identities can be easily used across sites and applications. OpenID Connect allows a user to authenticate to an App, a service or a site (generically termed a Relying Party or RP) using an identity establish with another system, called the Identity Provider (IDP). Well known IDP’s include Google and Face book. The simplest deployment of OpenID Connect allows for clients of all types including browser-based, mobile, and javascript clients, to request and receive information about identities and currently authenticated sessions. The specification suite is extensible, allowing participants to optionally also support encryption of identity data, discovery of the OpenID Provider, and advanced session management, including logout.

  2. How is OpenID Connect different than OpenID 2.0, SAML & OAuth? OpenID Connect performs many of the same tasks as OpenID 2.0, OAuth and web access management system, but does so in a way that is standardized and API-friendly. OpenID Connect can also be extended to include more robust mechanisms for signing and encryption. Integration of OAuth 1.0a and OpenID 2.0 required an extension (called the OpenID/OAuth hybrid); in OpenID Connect, OAuth 2.0 capability is built into the protocol itself. The following graphic presents a concise summary as to why OpenID Connect is positioned for mass enterprise and customer adoption. In OpenID Connect, the jargon has been altered (surprise!) and here are a few terms you should be familiar with: OpenID Connect Provider (OP): This is the equivalent of an IdP in SAML. Relying Party (RP): What used to be SP’s, are now RP’s in OpenID Connect. Clients: Clients are websites, apps, and devices. Claims: Claims are groups of attributes that are released to Clients. Article resource:-https://sites.google.com/site/thegluuserver/openid-connect-turns-sso-into-a-standard-oauth--protected-identity-api

More Related