OAuth 2.0 Concepts: Difference between revisions
| Line 4: | Line 4: | ||
Identity. [https://en.wikipedia.org/wiki/Identity_management Identity Management]. | Identity. [https://en.wikipedia.org/wiki/Identity_management Identity Management]. | ||
Identity Federation and Single Sign-On are related concepts. | |||
User's presence in the system - means that the user identity is associated with the thread that is processing the user's request, and in a way, it is the user that "drives" the thread. The identity is associated with the thread in the form of a ''security context''. | User's presence in the system - means that the user identity is associated with the thread that is processing the user's request, and in a way, it is the user that "drives" the thread. The identity is associated with the thread in the form of a ''security context''. | ||
Revision as of 20:09, 12 November 2017
Internal
Identity. Identity Management.
Identity Federation and Single Sign-On are related concepts.
User's presence in the system - means that the user identity is associated with the thread that is processing the user's request, and in a way, it is the user that "drives" the thread. The identity is associated with the thread in the form of a security context.
There are software agents that perform actions on behalf of the user, and this is where OAuth is relevant - a user can delegate in a standard and secure way the authority of performing certain actions. Even the software agent (the OAuth client) operates under a different identity, it can still perform action on behalf of a user that may not be even logged in anymore. An example of such identity is an OpenShift service account.
Authentication.
Authentication protocols, single sign-on, SAML.
Authorization.