Federated vs. delegated, OAuth vs. OpenID Connect vs SAML

I'm trying to understand the differences between federated authentication and delegated authentication, but I'm getting more and more confused.

  • Do we ALWAYS use the SAML protocol for federated authentication? Or what?

  • Can I use OpenID Connect (or OAuth) for both authentication methods?

  • Do I need to have a reliable connection between the two domains in order to be able to delegate or federate authentication?

  • Do we always use SAML for partners and OpenID Connect (or OAuth) for clients?

  • I would be grateful if someone would explain the various steps for these two authentication methods between the two domains (Partners and Enterprise).

1 answer

The differences between the two methods are:

A delegated solution means that one site simply outsources its authentication needs to another pre-selected site. If your site uses Facebook Connect, you are delegating your authentication tools to Facebook. Visitors to your site cannot use other accounts, only accounts from suppliers that you previously selected.

A federated solution means that visitors to your site can use whatever account they have, as long as it is compatible. It does not matter which site the account comes from, as long as interaction is possible. At its core, OpenID is a federated solution, because its most important feature is the ability to use any OpenID account with any service that supports OpenID.


Now for your questions:


Source: https://habr.com/ru/post/1272848/

