Cyber Protocols

OpenID Connect (OIDC) is an authentication protocol built upon the OAuth 2.0 authorization framework. This means that OIDC allows applications to verify a user's identity and obtain profile information securely, using JSON Web Tokens (JWTs) for data transfer. OIDC provides features like single sign-on (SSO), API-centricity, and ease of implementation, making it ideal for modern mobile and web applications. The document outlines the steps involved in a typical OIDC authorization flow, starting with a user initiating login and ending with the client verifying the user's identity and granting access to its resources.

OAuth (Open Authorization) is a security protocol that allows third-party applications to access user data on another service without requiring the user to share their password. This is achieved by using access tokens, which are secure, time-limited keys issued by an authorization server after the user grants permission. The process involves several steps, starting with the user attempting to access a resource, followed by the client requesting authorization, and culminating in the client receiving an access token that it uses to access the user's resources on the resource server. OAuth enhances security by preventing applications from directly accessing sensitive user data, thereby safeguarding privacy.

The SAML (Security Assertion Markup Language) protocol is an open standard that enables secure, federated Single Sign-On (SSO) between an Identity Provider (IdP) and a Service Provider (SP), allowing users to authenticate once and access multiple applications without re-entering credentials. Through the exchange of digitally signed XML-based SAML assertions, the IdP verifies user identity and securely shares this information with the SP, enhancing both security and user convenience by centralizing authentication and reducing the need for repeated logins.