All Products
Search
Document Center

Identity as a Service:2. Applications that use standard protocols

Last Updated:Mar 29, 2023

Enterprise identity management systems use internationally accepted common identity management protocols. Mature enterprise software uses international standard protocols to make it easy for customers to integrate the software with their IdPs. In our case, IdP is IDaaS.

IDaaS allows you to configure single sign-on (SSO) for applications that support standard protocols.

image

Benefits of using standard protocols

Enterprise applications that use standard protocols have the following advantages:

  • Higher maturity. Support for standard identity protocols demonstrates the maturity of an enterprise application.

  • Wider applicability. Standard protocols enable the interoperability between account systems of an enterprise. An enterprise application that supports a set of standard protocols allows customers to choose the identity providers that are best suited to their needs.

  • Higher security. Custom protocols involve security risks. International standard protocols undergo a strict process before they are released. Therefore, the protocols support a complete range of scenarios and ensure security.

Note

It takes a short time to integrate with standard protocols. If you are an enterprise application vendor and want to integrate your software with standard protocols, you can contact us. We will add your enterprise application to the IDaaS application marketplace to make it available for intended consumers. ​

Standard protocols supported by IDaaS

Standard protocol

Description

OIDC

Released in 2014, OpenID Connect (OIDC) is an open authentication protocol that is built on top of the OAuth 2.0 authorization protocol. The OIDC protocol adds a layer of user authentication by issuing id_token in the JSON Web Token (JWT) format, and is applicable to both authentication and authorization scenarios. It provides the best configuration and integration experience among modern identity management systems.

SAML 2.0

Released in 2005, Security Assertion Markup Language V2.0 (SAML 2.0) is still the most widely used SSO protocol in the world. Most mature enterprise applications support the SAML protocol. SAML 2.0 is an XML-based protocol and has poor adaptability in some edge scenarios for historical reasons.

OAuth 2.0 Future

Released in 2012, OAuth 2.0 (RFC 6749) is the most commonly used authorization protocol. The implementation of the OAuth 2.0 protocol is divided between Authorization Server (AS) and Resource Server (RS). As a lightweight and flexible protocol, OAuth 2.0 is used for scenarios such as logon by using WeChat and logon by scanning a QR code with DingTalk.

CAS 3.0 Future

Central Authentication Service (CAS) 3.0 was released in 2013. Developed and maintained by Yale University, CAS is supported in many applications.

You can search for "{{application name}} SSO" or "{{application_name}} SSO" in the search engine or application documentation to check whether the application you want to connect to IDaaS supports SSO standard protocols.