OAuth 2.0 focuses on client developer simplicity while providing specific authorization flows for web applications, desktop applications, mobile phones, and living room devices. OpenID Connect and UMA, both supported by the OX platform, are profiles of OAuth 2.0.
OpenID Connect is a simple identity layer on top of the OAuth 2.0 protocol that supports a suite of lightweight specifications to provide a framework for identity interactions via REST-like APIs.
oxAuth is Gluu’s open source interop-leading OpenID Connect 1.0 Provider (“OP”) which implements OAuth 2.0, Authentication, Simple Web Discovery, and Dynamic Client Registration.
Interop Results
An OpenID Connect Client can be a web, native, or other application that accepts OpenID Connect tokens for attribute exchange and single sign-on.
SAML is an XML-based open standard data format for exchanging authentication and authorization data between parties, in particular, between an identity provider (IDP) and a Relying Party (RP).
Shibboleth is an open-source project that provides software to create a SAML IdP for Single Sign-On. Gluu’s oxTrust application provides a simple web-based interface to manage Shibboleth for SAML SSO relationships.
A SAML Service Provider, or SP, is a website or application that accepts SAML tokens from a SAML IDP for secure attribute exchange.
User-Managed Access (UMA), also a profile of OAuth 2.0, aims to develop an authorization system that puts an individual in full control of their resources, which may be scattered across multiple Web applications.
The UMA PDP, or Policy Decision Point, positions an organization to be able to utilize the API management capabilities of UMA.
The UMA PEP, or Policy Enforcement Point, is where the resource provider records who has access to what information with which credentials, essentially keeping a log of all API interactions.
RADIUS is a networking protocol that provides centralized Authentication, Authorization, and Accounting (AAA) management for computers to connect and use a network service.
The RADIUS server built into the OX platform allows an organization to leverage their LDAP or Active Directory and strong authentication for Wi-Fi and VPN access.
Typically a wireless server or a VPN.
The Simple Cloud Identity Management (SCIM) specification defines a simple, RESTful protocol for identity account management operations. SCIM’s model is based upon the experience of existing schemas and SaaS deployments, with specific emphasis on simplifying development and integration, and wherever possible, applying existing authentication, authorization, and privacy mechanisms.
oxTrust is a JBoss Seam application that provides organizational cloud identity management services, including REST service endpoints and a user-friendly cloud identity management console (aka a GUI).