What is the difference between claim based authentication vs. OAuth?
I'm looking at conceptual differences and not technical differences I choose claims and vice versa on OAuth.
Claim based authentication has been proposed by Microsoft and built on top of WS-Security. But Oath is an open source protocol that is being proposed to allow resources to be brought from various portals on the basis of a security token.
Claim to Token (SAML Encoded or X509 Certificate)
I am trying to understand when I choose the claim on OAuth and vice versa.
Thanks
Claim-based identity is a way of decoupling your application code The specifics of identity protocols (such as SAML, Kerberos, WS-Security, etc.) are not only for web applications and which have been implemented as NAT library / framework.
OAuth is a specific protocol through which a web site can obtain user consent to access your personal data on other web sites.
This is not really the case that you will choose one or the other, in fact they are complementary. Potentially you can use both at once, if you have one. The NET was creating web apps that would show OAuth by WIF.
Comments
Post a Comment