Open ID Connect and GSMA Mobile Connect

OpenID Connect (final specs launched Feb 2014) is an interoperable authentication protocol based on the OAuth 2.0 family of specifications. It uses straightforward REST/JSON message flows with a design goal of “making simple things simple and complicated things possible”. OpenID Connect lets developers authenticate their users across websites and apps without having to own and manage…

Cross Domain Identity Patterns: Chained Federation & Service Broker

Chained Federation allows access to multiple Service Providers to be granted to multiple trusted Identity Providers. The identity provider requests access to the service provider via the Service Broker, which authorises the request and forwards it to the appropriate service provider based on the TargetURL. This is useful where an enterprise is providing multiple services to…

OAuth Terminology in SAML2

A Resource Server in OAuth is a Service Provider in SAML2. An Authorization Server in OAuth is an Identity Provider in SAML2. Thankfully a Client is a User. I still often say SPIL (SAML2.0 Service Provider Initiated Login) and IDIL (SAML2.0 Identity Provider Initiated Login) on a regular basis. I find RSIL and ASIL harder.