Which one to choose?
Following are the points which can be useful to consider when choosing among OpenID, OAuth, SAML, or any combination of them.
• If the use case is to develop SSO where at least one partner is an enterprise, use SAML; otherwise use OpenID.
• If the use case involves mobile devices for API authorization, then use OAuth.
• If the use case requires a centralized identity provider, then use SAML.
SAML has one feature that OAuth2 lacks: the SAML token contains the user identity information (because of signing). With OAuth2, you don't get that out of the box, and instead, the Resource Server needs to make an additional round trip to validate the token with the Authorization Server.
On the other hand, with OAuth2 you can invalidate an access token on the Authorization Server, and disable it from further access to the Resource Server.
Both approaches have nice features and both will work for SSO.
OAuth2 provides a simpler and more standardized solution which covers all of our current needs and avoids the use of workarounds for interoperability with native applications.
If the information validates, the Enterprise Gateway authorizes the message for the resource specified in the assertion.
When configuring this filter, it may be useful to refer to the following SAML authorization assertion as an example:
Issuer="AA" IssueInstant="2002-03-26 16:23:35">
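The trade-off raised in the comparison above (a signed token that carries the user identity and is checked locally, versus an OAuth2 token that the Resource Server validates with the Authorization Server and that can be invalidated there) is sketched below as an added example; it is not code from the original posts. The HMAC signature is a stand-in for SAML's XML signature, and `AuthorizationServer`, `IDP_KEY` and all token values are hypothetical, constructed for the demonstration.

```python
import base64, hashlib, hmac, json, secrets

# Constructed demo key. Assumption: HMAC stands in for the IdP's XML signature.
IDP_KEY = b"constructed-demo-key"

def issue_signed(user, expires_at):
    """Self-contained token: identity claims plus a signature over them."""
    claims = json.dumps({"sub": user, "exp": expires_at}).encode()
    body = base64.urlsafe_b64encode(claims)
    sig = hmac.new(IDP_KEY, body, hashlib.sha256).hexdigest()
    return body.decode() + "." + sig

def verify_signed(token, now):
    """Resource server checks signature and expiry locally, no round trip."""
    body, _, sig = token.partition(".")
    good = hmac.new(IDP_KEY, body.encode(), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(sig, good):
        return None  # reject before parsing any claims
    claims = json.loads(base64.urlsafe_b64decode(body))
    return claims["sub"] if now < claims["exp"] else None

class AuthorizationServer:
    """Hypothetical in-memory server holding opaque access tokens."""
    def __init__(self):
        self._tokens = {}
    def issue(self, user, expires_at):
        tok = secrets.token_urlsafe(16)
        self._tokens[tok] = {"sub": user, "exp": expires_at}
        return tok
    def revoke(self, tok):
        self._tokens.pop(tok, None)
    def introspect(self, tok, now):
        """The extra round trip: resource server asks if the token is live."""
        rec = self._tokens.get(tok)
        return rec["sub"] if rec and now < rec["exp"] else None

def demo():
    az = AuthorizationServer()
    signed = issue_signed("alice", expires_at=1000)
    opaque = az.issue("alice", expires_at=1000)
    before = (verify_signed(signed, 10), az.introspect(opaque, 10))
    az.revoke(opaque)  # access withdrawn at the Authorization Server
    after = (verify_signed(signed, 20), az.introspect(opaque, 20))
    tampered = verify_signed(signed.replace(".", "x.", 1), 20)
    expired = verify_signed(signed, 1000)
    return before, after, tampered, expired

if __name__ == "__main__":
    print(demo())
```

After `revoke`, the introspected token is refused at once, while the signed token keeps verifying until its expiry, which is why self-contained assertions are normally given short lifetimes.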