Table 2 SAML, OpenID Connect and OAuth2.0 Specifications.
From: SSH-DAuth: secret sharing based decentralized OAuth using decentralized identifier
| Â | SAML | OpenID connect | OAuth2.0 |
|---|---|---|---|
Open Standard for | Authorization and Authentication | Authentication | Authorization |
Developed by | OASIS | OpenID Foundation | Twitter and Google |
Developed in | 2001 | 2014 | 2006 |
Primary usecase is SSO for | Enterprise Apps | Consumer Apps | API Authorization |
Used from | 2001 | 2014 | 2012 |
When to use | User or corporate partner to access web service | Authenticate users without an account | Temporary resource access to 3rd party apps on a legitimate user’s behalf |
Security | XML Signing | Access token validation | Access token validation |
