After publishing
my previous article on 'Understanding concepts - OpenId, OAuth and SAML' , I received a general question
from a few of my colleagues and that is ‘Why OpenID arrived? What is the need
of it’?
By now, most
of us are already aware that OAuth 2.0 is an authorization protocol and it
really did a great job by providing information, which facilitated its user to
take some prodigious authorization decisions.
But what
about exchanging this information? How to do that? Is that exchange done in a
secure manner? Bla bla bla…
All such sorts
of questions are dealt in different- different manner as every authentication
provider have their own mean of exchanging this OAuth information. As not all
the providers have provided an equivalent level of security, led to some buzzes.
Here OpenID
Connect came for rescue. It fixes all the common problems by providing an authentication
protocol with a standardized way of exchanging messages between a provider and subscribers,
which is nothing but a combination of OAuth and OpenID.
We will witness this by
taking a coding example, in one of my upcoming articles. Till then stay tuned.
Comments
Post a Comment