Overview#A gathering of why OAuth 2.0 and the related Protocols OpenID Connect and User-Managed Access are the way forward for Authentication and Authorization/Delegation for WEB Single Sign-On.
Some Links from Others#
- Comparison of Standards Based SSO for WEB Single Sign-On
- Why OpenID Connect
- Why the Future of Identity is OpenID Connect and not SAML
- The death (and life) of a protocol
- Despite the popularity of SAML, the mobile and cloud benefits of OpenID Connect may spur adoption as an enterprise authentication platform.
- One Small Step for OpenID Connect, a Giant Leap for the Evolution of Identity Management
- Kerberos Might Not Be Dead, but It's Not Feeling Well
OpenID Connect Leverages other emerging technologies#The summary:
- OpenID Connect OpenID Connect, published in 2014, is the emerging standard for single Sign-On and identity provision on the internet.
- OpenID Connect formula for success is how it Leverages other emerging technologies delivered via the use OAuth 2.0 flows to obtain tokens
- OpenID Connect has learned lessons from past efforts such as SAML and OpenID 1.0 and 2.0
- OpenID Connect designed to fit web apps as well as native / mobile apps.
- OpenID Connect is simple enough to integrate with basic apps, but it also offers a number of features and security options to match demanding enterprise requirements.
- OpenID Connect Builds on OAuth 2.0's Delegation/Authorization framework to provide Authentication
- OpenID Connect Allows choice of Identity Provider (IDP)
- OpenID Connect is REST/JSON Friendly:
- OpenID Connect Can provide Level Of Assurance
- OpenID Connect Cool Identity Token Uses
- Builds on OAuth 2.0's Delegation/Authorization framework to provide Authentication
- Can use OpenID Connect and uses most of the OpenID Connect additions.
- Provides UMA-obligations to Satisfy Legal conditions
Broad Usage#OpenID Connect specifications are open, public and include extensibility. This along with Broad Usage provides an Delegation/Authorization/Authentication framework that is extremely well tested and flexible.
Some of the MAJOR entities using OpenID Connect:
- Single Sign On Vendors
- Social Networks
More Information#There might be more information for this subject on one of the following:
- [#1] - OpenID Connect explained - based on information obtained 2013-04-10
- [#2] - Why OpenID Connect will be ubiquitous for domain authentication - based on information obtained 2013-04-10