5 - MFA Standards

A modern MFA solution needs to deliver stringent security and enable you to stretch your current investments to meet new threats and opportunities. Support for open identity standards ensures these requirements are met.

As the world becomes increasingly interconnected, businesses will need to find new ways to federate trust to connect applications and services across their entire ecosystem of customers and partners. Support for simple, practical and widely beneficial identity standards eases these integrations, allowing businesses to leverage legacy investments, external data sources and third-party cloud applications without custom connectors and integration kits.

The following standards have been independently reviewed by leading security professionals to provide the strongest levels of security and seamless integration with existing infrastructure.

OAuth 2.0

OAuth 2.0 is the industry-leading standard for enabling access to APIs. Simply put, OAuth 2.0 is a standard framework that allows an application to securely access resources on behalf of users without requiring their passwords. This open authorization also lets the user understand what kinds of access and information the application is requesting, and then provide consent.

OpenID Connect 1.0

OpenID Connect adds an identity layer to OAuth 2.0 and simplifies existing federation specifications. It enables identity federation as well as delegated authorization and includes other capabilities to enhance dynamic interoperability.

SAML

Security Assertion Markup Language (SAML) is an open XML standard for exchanging authentication and authorization data between an identity provider and a service provider. SAML allows businesses to safely share identity information across domains. The process is often called federation.

FIDO

Fast Identity Online (FIDO) defines a set of technology-agnostic specifications for strong authentication. FIDO was designed to reduce reliance on hard-to-remember passwords to authenticate users and address the lack of interoperability among strong authentication devices.