I work as an architect at a big telco that has recently become a quad-player. Part of my job is to think of what services come next. My previous interest has always been distributed computing, either networking or large data-sets. Also as part of my job I attend IT conferences on the internet of distributed… Continue reading Some Questions After Quad-Play
Tag: OpenID Connect
Why the Future of Identity is OpenID Connect and not SAML
This blog is part of a series comparing the implementation of identity management patterns in SAML and OpenID Connect: Identity Broker Service in OpenID Connect Identity Broker Service in SAML OpenID Connect AuthN & AuthZ Comparison of OpenID Connect with OAuth2.0 & SAML2.0 Cross Domain Identity Patterns: Chained Federation & Service Broker Future of Identity Federation is OpenID Connect Identity… Continue reading Why the Future of Identity is OpenID Connect and not SAML
Identity Broker Service in OpenID Connect: Supporting Multiple Identity Providers & Service Providers
This blog is part of a series comparing the implementation of identity management patterns in SAML and OpenID Connect: Identity Broker Service in SAML OpenID Connect AuthN & AuthZ Cross Domain Identity Patterns: Chained Federation & Service Broker Identity Broker Service in OpenID Connect In an earlier blog post (Identity Broker Service in SAML) described how to support connections between… Continue reading Identity Broker Service in OpenID Connect: Supporting Multiple Identity Providers & Service Providers
OpenID Connect Simple Sequence Diagram
The OpenID Connect protocol, in abstract, follows the following steps. The RP (Client) sends a request to the OpenID Provider (OP). The OP authenticates the End-User and obtains authorization. The OP responds with an ID Token and usually an Access Token. The RP can send a request with the Access Token to the UserInfo Endpoint.… Continue reading OpenID Connect Simple Sequence Diagram
Comparison of OpenID Connect with OAuth2.0 & SAML2.0
The following is a high level feature comparison between OpenID Connect 1.0, OAuth 2.0 & SAML 2.0 OpenID Connect 1.0 is a simple identity layer on top of the OAuth 2.0 protocol. It allows Clients to verify the identity of the End-User based on the authentication performed by an Authorization Server, as well as to… Continue reading Comparison of OpenID Connect with OAuth2.0 & SAML2.0
NASCAR problem in authorisation server selection
An aim of OpenID Connect is to solve the problem of death by a thousand passwords by allowing the user to select their identity provider including ones that the relying party has never heard of through Dynamic Registration. A problem of allowing the user to select their identity provider is that the authentication challenge page needs… Continue reading NASCAR problem in authorisation server selection
API Crazy 