Entries by Apurva Bhansali

,

FIDO 2.0 – standardized authentication

FIDO stands for Fast Identity Online. The FIDO Alliance was created with the main objective to eliminate the use of password over the Internet. Many industry leading online websites, PC manufacturers and other software and hardware vendors actively participate in the development of the FIDO standards. The FIDO Universal Second Factor (U2F), FIDO Universal Authentication […]

SCIM 2.0 – provisioning identities

As the number of applications used in modern organizations continues to grow, IT admins are tasked with access management at scale. Standards such as SAML or Open ID Connect allow admins to quickly set up single sign-on (SSO), but access also requires users to be provisioned into the app. To many admins, provisioning means manually […]

,

SAML 2.0 – a popular B2B SSO protocol

In the past, single sign-on (SSO) was typically achieved only through “password fill”, where the SSO software would prompt the user the first time he or she visits a website to enter their password. Then the next time the user visits the site, the SSO software detects that there is a password saved and either […]

,

OpenId Connect – Yes, you have used it!

We have all used a website that allowed you to “Sign-in with Google” or “Sign-in with Facebook” instead of creating yet another username and password for that you have to remember. But have you ever wondered how this is implemented? Well this is where OpenId Connect comes to the rescue. OpenId Connect was developed to […]

,

OAuth 2.0 – authorizing user access

OAuth 2.0 is an authorization protocol that allows a user to authorize access to data and APIs (resources) from one application to another. Even though OAuth 2.0 is not an authentication protocol, often times the user must be authenticated by the application providing access before access to resources can be authorized. In a nutshell, using […]