Versions Compared

Old Version 7

changes.mady.by.user Nathan Dors (washington.edu)

Saved on

compared with

New Version 8

changes.mady.by.user Thomas Lenggenhager (switch.ch)

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: These links were a copy/paste relic from CAS.

...

TitleTypeBuilds onPrimary goal(s)Learn more
ColumbiaDeploymentPingFederate

LBNLDeployment


UWash - OAuth for Web APIsDeploymentOAuth Client CredentialsAPI Authorization - system to system access
UWash - Social2SAML GatewayDeploymentSATOSAEnable social login for SAML SPshttps://wiki.cac.washington.edu/x/8wr-B
UWash - Microsoft Infrastructure - Azure ADDeploymentAzure ADEnable sign in using UW NetIDhttps://itconnect.uw.edu/service/azure-active-directory/
CILogon OIDCDeploymentOIDC
R&E OIDC Profile

Add OIDC to CILogon
Provide user authentication to OIDC clients
Translate SAML and to OIDC

https://www.cilogon.org/oidc
ORCID API - OAuthDeploymentOAuth 2.0

ORCID API Authorization
Provide access to client applications
Delegate access to ORCID record

https://members.orcid.org/api/oauth
Globus AuthDeployment

RFC 7636 (PKCE)
OIDC 1.0
OAuth 2.0

Globus API Authorization
Authorize client access to services
Provide user authentication to OIDC clients
Translate between SAML and OIDC

https://members.orcid.org/api/oauth
Spanish SIR2 Federation - AppAuth ProxyDeployment

AppAuth
SimpleSAMLphp
simplesamlphp-module-oidc
PHP OAuth 2.0 Server

Provide user authentication via OIDC to native mobile apps
Enable use of SIR2 SAML IdPs
Translate SAML and to OIDC

https://tnc18.geant.org/core/presentation/217

http://wiki.rediris.es/SIR2/AppAuth_demo_apps

https://redir.is/appauthand

SATOSAImplementationOIDC
OIDC Federation 1.0		Translate between OIDC and SAML (and OAuth/Social?)https://github.com/IdentityPython/SATOSA
MPASSidImplementationOIDCTranslate between OIDC and SAML (and OAuth/Social?)https://github.com/Digipalvelutehdas/MPASSid-proxy
GÉANT Shibboleth OIDC PluginImplementationOIDC Conformance Profiles
R&E OIDC Profile		Add OIDC to Shibboleth IdPhttps://github.com/CSCfi/shibboleth-idp-oidc-extension
Chicago-Unicon Shibboleth OIDC OverlayImplementationOIDC Conformance ProfilesAdd OIDC (Code flow) to Shibboleth IdPhttps://github.com/uchicago/shibboleth-oidc
CASImplementationOIDC?
OAuth 2.0?		CAS server goals?
CAS client goals?
Translate between OIDC and SAML
Add OAuth/Social?

https://apereo.github.io/cas/5.3.x/protocol/OIDC-Protocol.html

https://apereo.github.io/cas/5.3.x/protocol/OAuth-Protocol.html

Azure Active DirectoryImplementationOIDC Conformance Profiles
OIDC
OAuth 2.0		Enable integration with Azure AD
Enable OIDC for end user authentication
Enable OAuth for API authorization

https://docs.microsoft.com/en-us/azure/active-directory/develop/azure-ad-developers-guide

Spring Security 5.0ImplementationSpring Security
OAuth 2.0
OIDC		Add OAuth 2.0 to Spring Security
Add OIDC to Spring Security

https://github.com/spring-projects/spring-security/wiki/OAuth-2.0-Features-Matrix

https://spring.io/blog/2018/01/30/next-generation-oauth-2-0-support-with-spring-security

AppAuth SDKImplementationRFC 7636 (PKCE)
RFC 8252 (Native Apps)
OIDC
OAuth 2.0		SDKs for native mobile apps
Implement best practices
OIDC for end user authentication
OAuth for API authorization

https://apereo.github.io/cas/5.3.x/protocol/OIDC-Protocol.htmlhttps://apereo.github.io/cas/5.3.x/protocol/OAuth-Protocol.htmlappauth.io


R&E OIDC ProfileStandard - profile - conformanceOIDCPromote security and interoperability
Enable implementations		coming in 2019!
OIDC Conformance ProfilesStandard - profile - conformanceOIDCEnable certification of implementationshttp://openid.net/certification/
iGov Assurance Profile for OpenID Connect 1.0Standard - profile - conformanceOIDC
iGov Assurance Profile for OAuth 2.0		OIDC for end user authentication
Increase baseline security
Provide greater interoperability
Enable consumer-to-government deployments		http://openid.net/wg/igov/
iGov Assurance Profile for OAuth 2.0Standard - profile - conformanceOAuth 2.0API authorization
Increase baseline security
Provide greater interoperability
Enable consumer-to-government deployments		http://openid.net/wg/igov/
OpenID Connect Federation 1.0Standard - profileOIDC 1.0
OAuth 2.0 Authorization Server Metadata		Establish trust between clients and IdPs
Introduces federation operator (trusted 3rd party)
Standardizes metadata statements
Verify and enforce common policies
Transfer verified metadata


http://openid.net/specs/openid-connect-federation-1_0-04.html
OpenID Connect 1.0Standard - profileOAuth 2.0

End user authentication, user claims
A simple identity layer on top of OAuth 2.0
Allows clients to verify the identity of user
Allows client to obtain basic profile information
User authentication done by OAuth Authorization Server

http://openid.net/connect/
OAuth 2.0Standard - frameworkOther standardsAPI authorizationhttps://oauth.net/2/

...