SAML vs OAuth 2.0 vs OpenID Connect
Understanding the differences between the three most common authorisation protocols
The world of Identity and Access Management is ruled by two things – acronyms and standards. In our popular blog post on SAML vs OAuth we compared the two most common authorisation protocols – SAML2 and OAuth 2.0. This white paper extends that comparison with the inclusion of a third protocol, OpenID Connect. We also touch on the now obsolete OpenID 2.0 protocol.
In this white paper, you will learn:
- A version history and background to the three most common authorisation protocols – SAML, OAuth & OpenID
- Comparisons of the protocols
- Protocol suitability for certain business needs and best use cases, including enterprise, federation, API authorisation, UMA, Customer SSO, Customer IAM & mobile