What’s the Difference Between OpenID Connect, SAML and OAuth?

28 / Aug / 2023 by Raushan Tiwari

OpenID Connect (OIDC)

OpenID Connect is an extension of OAuth2 that adds an identity layer to the authorization framework. It allows a client to verify the user’s identity and obtain basic profile information. The user logs in to an identity provider (such as Google or Facebook) using OpenID Connect, and the identity provider returns an ID token to the client. The ID token is a JSON Web Token (JWT) containing user information, such as their name, email, and picture. The client can also request an access token and a refresh token from the identity provider, which can be used to access other resources.

SAML (Security Assertion Markup Language) 

“Security Assertion Markup Language” (SAML) is a type of single sign-on (SSO) standard. It defines a set of rules and protocols that allow users to access web applications with a single login. It is designed for authentication and authorization. The SAML token is a SAML assertion and uses XML in message transmissions. SAML is used mostly in enterprises. Many organizations use it for logging in users to internal networks.

OAuth (Open Authorization)

“Open Authorization” (OAuth) is a standard designed to allow a website or application to access resources hosted by other web apps on behalf of a user. OAuth was built solely for authorization. The envelope of credentials for each user is stored in a token, known as an access token.

Difference between OIDC, SAML, and OAuth.

[Image: Difference between OIDC, SAML and OAuth]

Conclusion: All the above protocols are created to standardize and encourage interoperability of infrastructure access management systems.
