Identity and OAUTH 2 - s50600822/Notes GitHub Wiki

https://developer.okta.com/blog/2019/08/22/okta-authjs-pkce

https://developers.google.com/identity/protocols/oauth2/openid-connect#sendauthrequest

https://www.youtube.com/watch?v=H6MxsFMAoP8

https://www.youtube.com/watch?v=5th6CSQTdpM

https://www.youtube.com/watch?v=xH6hAW3EqLk

https://www.oauth.com/playground/index.html

| Feature | SAML | OIDC |
| --- | --- | --- |
| Protocol | XML | JSON |
| Authentication data | Assertions | ID tokens |
| Authorization data | Not included | Can be included |
| Extensibility | Very extensible | Less extensible |
| Complexity | More complex to implement | Less complex to implement |
| Use cases | Enterprise applications, government applications | Consumer applications, mobile applications |

Factors:

Your existing infrastructure: If you already have an implementation of SAML, then it may be easier to continue using SAML. If you are starting from scratch, then OpenID Connect may be a better choice.

Your developer resources: If you have a team of experienced developers, then you may be able to implement SAML. If you have limited developer resources, then OpenID Connect may be a better choice.

Your compliance requirements: If you have strict compliance requirements, then SAML may be a better choice. OpenID Connect is still a relatively new standard, so it may not be the best choice for applications that need to meet strict compliance requirements.

https://docs.github.com/en/actions/deployment/security-hardening-your-deployments/about-security-hardening-with-openid-connect

https://awsbites.com/45-what-s-the-magic-of-oidc-identity-providers

https://faun.pub/how-to-access-aws-services-from-eks-ab5fa003a1b6