Before diving into OAuth, we need to know
what an Identity Provider is, how an Identity Provider
works with Single Sign-On, and the different types
of Single Sign-On. Finally, we will see why
and how we need to use OAuth.
Now let's start with the Identity Provider.
No one wants to manage hundreds or lakhs of
existing user profiles and use those profiles
to authenticate users when they try to access
the application. Adding new user profiles
is another hassle for application owners.
That is why Identity Providers come into the picture.
Identity Providers handle the storage and
authentication of the credentials users use
to log in to systems.
IdPs communicate with applications using Security
Assertion Markup Language, also known as SAML,
or use data formats like Open Authorization,
also known as OAuth.
We need to know the difference between Identity
Providers and Service Providers.
The Service Provider is the entity that maintains
the digital resource that a user is trying
to access.
The Identity Provider delivers authentication
credentials to the Service Provider at the
user's request.
An SSO, or Single Sign-On, service is a unified
place for users to sign in to all their services
at once.
This removes the need for the user to log
in separately to the different applications.
Single Sign-On addresses the challenge of
maintaining the credentials for each application
separately.
How does SSO work?
The user requests access to their desired
application/website. That application/website
is from the Service Provider.
The Service Provider redirects the SSO Request
to the Identity Provider for authentication.
The Identity Provider sends back the SSO Response
to the Service Provider.
On receipt of the SSO Response, the user is
granted access to log in and use the
resource or application.
Now the user can access all the other applications/websites
from the Service Provider which are configured
for SSO.
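The request/response exchange above as a small simulation, added here as an example and not part of the original material. It is not the SAML or OAuth message format: an HMAC with a shared key stands in for the Identity Provider's signature, and the function names and example.test values are assumptions made for illustration.

```python
import base64, hashlib, hmac, json, secrets, time

# Constructed demo values. A real IdP signs with its private key;
# an HMAC over a shared key is a stand-in to keep the example offline.
IDP_KEY = b"demo-shared-key-not-for-production"
SP_ID = "https://app.example.test"

def sign(payload: bytes) -> str:
    return hmac.new(IDP_KEY, payload, hashlib.sha256).hexdigest()

def sp_make_request(pending: set) -> dict:
    """Service Provider builds the SSO Request and remembers its ID."""
    req = {"id": secrets.token_hex(8), "issuer": SP_ID}
    pending.add(req["id"])
    return req

def idp_respond(request: dict, user: str, now: float, ttl: int = 300) -> dict:
    """Identity Provider (user login assumed done) signs the SSO Response."""
    body = json.dumps({"sub": user, "aud": request["issuer"],
                       "in_response_to": request["id"], "exp": now + ttl},
                      sort_keys=True).encode()
    return {"body": base64.b64encode(body).decode(), "sig": sign(body)}

def sp_consume(response: dict, pending: set, now: float) -> str:
    """Service Provider checks the SSO Response before granting access."""
    body = base64.b64decode(response["body"])
    if not hmac.compare_digest(sign(body), response["sig"]):
        raise ValueError("bad signature")
    claims = json.loads(body)
    if claims["aud"] != SP_ID:
        raise ValueError("response was issued for another Service Provider")
    if now >= claims["exp"]:
        raise ValueError("response expired")
    if claims["in_response_to"] not in pending:
        raise ValueError("unsolicited or replayed response")
    pending.remove(claims["in_response_to"])  # each request is answered once
    return claims["sub"]

if __name__ == "__main__":
    pending, now = set(), time.time()
    req = sp_make_request(pending)                      # user asks for the app
    resp = idp_respond(req, "alice@example.test", now)  # IdP answers
    print("logged in as:", sp_consume(resp, pending, now))
    try:
        sp_consume(resp, pending, now)                  # same response again
    except ValueError as err:
        print("second use rejected:", err)
```

The checks in sp_consume (signature, audience, expiry, one-time request ID) are the part a Service Provider must not skip; without them the SSO Response is just user-supplied data.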
There are different types of SSO. The most commonly
used are SAML and OAuth.
We will see more about SAML in the next session.
