Federation / SSO to Applications

OpenIAM supports SSO to your applications either through:

  • Federation protocols such SAML 2, oAuth 2, OpenID Connect (OIDC)
  • Legacy applications using the reverse proxy

The procedures to enable integration between OpenIAM and your applications is described in the sections referenced below.

SSO MethodDescription
SAMLSecurity Assertion Markup Language 2.0 (SAML) is a version of the SAML standard for exchanging authentication and authorization identities between security domains. OpenIAM can act as both an Identity Provider and Service Provider.
oAuth 2OAuth 2.0 is the industry-standard protocol for authorization
OIDCOpenID Connect 1.0 is a simple identity layer on top of the OAuth 2.0 protocol. It allows Clients to verify the identity of the End-User based on the authentication performed by an Authorization Server, as well as to obtain basic profile information about the End-User in an interoperable and REST-like manner.
OpenIAM rProxyOpenIAM Reverse Proxy is a webserver plugin which provides for proxying, authentication, and SSO to applications which do not support an SSO standard.
KerberosA security network protocol used for authenticating between trusted hosts. It can be set up using rProxy.