Descriptive Title1 | Actors | Actors from multiple organizations? | Is registration of RPs required? | Mobile Authentication?2 | Information required by RP (including non-identity)? | Permission revocation required? | Consent required? | Software operated locally or SaaS? | Developed locally? Language and IDE? | |
---|---|---|---|---|---|---|---|---|---|---|
1 | Provision of K-12 services using OIDC claims without a gateway | K-12 students | Eventually yes; currently only one IdP | No | ||||||
2 | OAuth2 authentication for APIs / web services | App developers, end-users | Yes | No | ||||||
3 | IdP authentication using Google or Facebook credentials | End-users | No | No | ||||||
4 | Authentication for Nginx / Node.js based applications | App developers | Yes | No | ||||||
5 | Provision of services authenticating via OIDC without a gateway | Researchers | Yes | No | ||||||
6 | Authorization by students to release information (e.g., class schedules, debit card balances) to other applications | Students | No | Yes | ||||||
7 | Mobile access to medical contact information | Physicians | No | Yes | ||||||
8 | Mobile access to HIPAA covered patient information | Physicians | No | Yes | ||||||
9 | Mobile API access to whitepages | End-users | Yes at some institutions | Yes | ||||||
Notes
- 1 - Titles will be links to full descriptions on separate pages.
- 2 - "No" means "not mentioned in the use case description."
Related Presentations and Articles
- Safe OAuth for Mobile Developers - a Youtube recording of a SalesForce conference presentation on how to apply OAuth correctly(?) in Native Mobile app scenarios
- Modern authentication solutions with OAuth 2 0, OpenId Connect and AngularJS - Manfred Steyer - Youtube recording of a succinct , human friendly explanation of how OAuth and OIDC compares, and how it's used in a Single Page Web application (Javascript web application)