|
- Why is SAML still used for enterprise SSO instead of OIDC?
If fast and easy implementation is your primary consideration, choose OIDC It is much simpler to get up and running than SAML If your organization uses an API-centered architecture, OIDC will provide a better experience for users of native and single-page applications OIDC is lightweight and more performance-friendly than SAML
- oauth2 - OIDC + Authentik: Which token to give to user for . . .
OIDC has RP-Initiated Logout for this in which when the user initiates logs out, access and refresh token are revoked at the IdP's end, the web service clears cookies of the user and logs out the user on the web app If the user needs to be logged out by me (left the company), I remove the user's ability to use their company email
- OIDC identity token authentication using JWKS instead of token . . .
This may be just an academic question, but I have been wondering about something, OK so for this purpose all we care about is AuthN, not AuthZ Also, there are no users at all, just daemon-to-daemon
- How important is the JWKS endpoint in OpenID Connect?
Stack Exchange Network Stack Exchange network consists of 183 Q A communities including Stack Overflow, the largest, most trusted online community for developers to learn, share their knowledge, and build their careers
- openid connect - OIDC Flow for SPA and RESTful API - Information . . .
OIDC Flow for SPA and RESTful API Ask Question Asked 8 years, 11 months ago Modified 6 years, 1 month ago
- Why use OpenID Connect instead of plain OAuth2?
Are you sure your statement "OpenID connect will give you an access token plus an id token " is correct? I thought an application can have an id_token and share it with a different application and then get an access token from that application OIDC rides on top of the OAuth2 protocol but you don't necessarily get both
- OIDC for mobile app with PKCE and client_secret
I came across this article In there the author suggests to use PKCE which is recommended by RFC 8252 But what I am a little bit confused about that the author also uses an application server that has the client_secret
- Why is OAuth2 OpenID Connect considered less secure than SAML WS-*?
Like you said, in the OAuth2 OIDC world usage of JSON Web Token (Learn JSON Web Tokens) encryption is not that common, but it could still be used if the use case demands it Usually, TLS on the transport side of things is enough
|
|
|