Basic Concepts¶
Client¶
Refers to the Service Provider (SP), which includes the service providers and the applications or services connected to SSO. The SP provides users with specific services by establishing a trust relationship with the IdP and using the user information provided by the IdP.
Authentication Source¶
Refers to the Identity Provider (IdP), the provider of the authentication service. The IdP is responsible for collecting and storing user identity information, such as user names and passwords, creating, maintaining, and managing user identity information services, and authenticating users when they log in.
- Enterprise-owned IdP: such as Microsoft Azure Active Directory, Microsoft Active Directory Federation Services
- EnOS’s authentication service
OIDC Protocol¶
As a simple identity layer on top of the OAuth2.0 protocol, OpenID Connect allows the client to verify the user’s identity based on the authentication service and get the basic information of the end user.
SAML Protocol¶
The Security Assertion Markup Language is an open standard that allows IdPs to pass the authorization certificates to the SPs.