secure interoperability made possible
Open standard protocols for identity federation define how service providers (SPs) and identity providers (IdPs) exchange identity information. Open standards are critical to enable secure interoperability between unique identity systems, web resources, organizations and vendors. Multiple federation protocols are used today to meet requirements for a wide range of identity use cases and diverse user populations. The Ping Identity Platform is based on standards and gives our customers the secure and seamless experiences they need.
SAML: scales your federated identity solution
The Security Assertion Markup Language (SAML) identity federation standard enables the secure exchange of authentication and authorization information between security domains. The SAML standard makes it possible to implement a scalable and secure federated identity solution across organizations, and it’s the most common protocol used to enable web SSO today. The OASIS Standards Consortium recently approved SAML 2.0, but older versions including SAML 1.1 and SAML 1.0 remain in wide use.
OpenID Connect 1.0: exchanges user identity data securely
OpenID Connect adds an identity layer on top of the core OAuth 2.0 protocol, enabling a broad array of web, mobile and JavaScript-based clients to exchange end user identity and session data. Based on REST and JSON, it uses the same building blocks as the modern application architectures and APIs it secures. As more companies focus on digital consumer engagement and the IoT, OAuth and OpenID Connect are likely to become even more valuable in securing identity data in an increasingly complex ecosystem.
OAuth 2.0: creates consistent, flexible identity framework
OAuth 2.0 defines an authorization framework for people, devices or apps to securely access protected resources through applications or APIs. Third-party applications can gain approval for limited access to an HTTP service either by orchestrating an approval interaction between the resource owner and the HTTP service or by allowing the third-party application to obtain access on its own behalf. This enables a single, consistent and flexible identity and policy architecture for web applications, web services, devices and desktop clients to access APIs on behalf of the user. OAuth 2.0 has emerged as a key platform on which to build in support of new use cases, such as OpenID Connect.
SCIM: keeps user identities in sync
The System for Cross-Domain Identity Management (SCIM) is a federated provisioning standard, used to manage identities between an IdP and an SP. SCIM provides a cross-application approach to managing users, groups and devices. The standard leverages modern protocols like REST and JSON in order to reduce complexity and provide a more straightforward approach to user management. SCIM allows easier, more powerful and standardized communication between identity data stores.