Identity and OAUTH 2 - s50600822/Notes GitHub Wiki
https://developer.okta.com/blog/2019/08/22/okta-authjs-pkce https://developers.google.com/identity/protocols/oauth2/openid-connect#sendauthrequest
https://www.youtube.com/watch?v=H6MxsFMAoP8 https://www.youtube.com/watch?v=5th6CSQTdpM https://www.youtube.com/watch?v=xH6hAW3EqLk
https://www.oauth.com/playground/index.html
| Feature | SAML | OIDC |
|---|---|---|
| Data format | XML | JSON |
| Authentication data | Assertions | ID tokens |
| Authorization data | Not included | Can be included |
| Extensibility | Very extensible | Less extensible |
| Complexity | More complex to implement | Less complex to implement |
| Use cases | Enterprise applications, government applications | Consumer applications, mobile applications |

Factors:

Your existing infrastructure: If you already have an implementation of SAML, then it may be easier to continue using SAML. If you are starting from scratch, then OpenID Connect may be a better choice.
Your developer resources: If you have a team of experienced developers, then you may be able to implement SAML. If you have limited developer resources, then OpenID Connect may be a better choice.
Your compliance requirements: If you have strict compliance requirements, then SAML may be a better choice. OpenID Connect is still a relatively new standard, so it may not be the best choice for applications that need to meet strict compliance requirements.
https://awsbites.com/45-what-s-the-magic-of-oidc-identity-providers
https://faun.pub/how-to-access-aws-services-from-eks-ab5fa003a1b6