3rd-Party Authn/Authz

3rd-Party Authn/Authz
OpenID
Generic
Google
OAuth
Twitter
Facebook

Centralized authentication
Single identify throughout the Internet
Returns: identifier (and optional data)

Generic OpenID
User enters a URL
Consumer “discovers” based on the URL
Redirects to provider
User authenticates with provider
Redirects to consumer
Lots of hashy stuff going on here. Discovery varies V1 to V2.

“Federated Login for Google Account Users”
OpenID V2 + AX
Single discovery URL for everybody

Users allow Site to perform actions on their behalf via Service, without needing your password to Service
Returns: identifier and access token

Generic OAuth
Site gets request token from Service
Redirects User to Service
User authenticates and authorizes
Redirects to Site
Site gets access token from Service
All implementations are service-specific. Hashy stuff varies V1 to V2.

OAuth 1.0
Has both authentication and authorization endpoints
Access levels: read, read/write, read/write/private.

OAuth 2.0
Very fine-grained permissions

http://www.kerzap.com	76
http://new.kerzap.com	29

3rd-Party Authn/Authz

by philipsharp on Sep 21, 2011

Accessibility

Categories

Upload Details

Usage Rights

2 Embeds 105

Statistics

3rd-Party Authn/Authz — Presentation Transcript