Federation / SSO to applications
OpenIAM supports SSO to your applications through either option below.
- Federation protocols such SAML 2, oAuth 2, OpenID Connect (OIDC).
- Legacy applications using the reverse proxy.
The procedures to enable integration between OpenIAM and your applications are described in the sections referenced below.
| SSO Method | Description |
|---|---|
| SAML | Security Assertion Markup Language 2.0 (SAML) is a version of the SAML standard for exchanging authentication and authorization identities between security domains. OpenIAM can act as both an Identity Provider and Service Provider. Hence, you can either . |
| oAuth 2 | OAuth 2.0 is the industry-standard protocol for authorization. |
| OIDC | OpenID Connect 1.0 is a simple identity layer on top of the OAuth 2.0 protocol. It allows Clients to verify the identity of the End-User based on the authentication performed by an Authorization Server, as well as to obtain basic profile information about the End-User in an interoperable and REST-like manner. |
| OpenIAM rProxy | OpenIAM Reverse Proxy is a webserver plugin which provides for proxying, authentication, and SSO to applications which do not support an SSO standard. |
| Kerberos | A security network protocol used for authenticating between trusted hosts. It can be set up using rProxy. |