On Thu, Mar 30, 2017 at 3:36 PM, Sajith Kariyawasam <[email protected]> wrote:
>
> 2. Access token retrieved via Authorization code grant
>

+1 for the second approach

I guess you are suggesting to use OpenID Connect? I guess the only additional requirement is the user info endpoint [1]

Regards
Jo

[1] http://openid.net/specs/openid-connect-core-1_0.html#UserInfo

>
> When a user requests a resource, if he is not authenticated he will be
> redirected to the Authorization server.
> Then user provides username / pwd there and will get an authorization code.
> Then that authorization code is used to obtain the access token and use
> that access token in subsequent calls.
>
>
> Therefore it seems that, there is no real need of using SAML here,
> and implementation wise it's much simpler to use 2nd approach as there
> won't be any dependencies for SAML libraries like we had in C4.
>
> Appreciate your thoughts in this
>
>
> Image reference : https://www.mutuallyhuman.com/blog/2013/05/09/choosing-an-sso-strategy-saml-vs-oauth2/
>
>
> Thanks,
> Sajith
>
> --
> Sajith Kariyawasam
> *Associate Tech Lead*
> *WSO2 Inc.; http://wso2.com <http://wso2.com/>*
> *Committer and PMC member, Apache Stratos *
> *AMIE (SL)*
> *Mobile: 0772269575*
>
> _______________________________________________
> Architecture mailing list
> [email protected]
> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
>
>

--
*Joseph Fonseka*
WSO2 Inc.; http://wso2.com
lean.enterprise.middleware

mobile: +94 772 512 430
skype: jpfonseka

* <http://lk.linkedin.com/in/rumeshbandara>*
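The authorization code flow discussed in this thread, followed by the OpenID Connect UserInfo call mentioned in the reply, as an added example that is not part of the original e-mails or any WSO2 code. It models both sides in memory; the class, function, client, redirect URI and user names are assumptions made for illustration.

```python
import secrets
from urllib.parse import urlencode, urlparse, parse_qs

# Constructed sample registration: client id, secret and redirect URI are assumptions.
CLIENT_ID, CLIENT_SECRET = "portal-app", "s3cret-for-demo"
REDIRECT_URI = "https://portal.example.com/callback"

class AuthorizationServer:
    """In-memory stand-in for the authorization server (hypothetical)."""
    def __init__(self):
        self.codes, self.tokens = {}, {}

    def authorize(self, client_id, redirect_uri, state, username):
        # Reached after the user has entered username / pwd at the server.
        if (client_id, redirect_uri) != (CLIENT_ID, REDIRECT_URI):
            raise ValueError("unregistered client or redirect_uri")
        code = secrets.token_urlsafe(16)
        self.codes[code] = (client_id, redirect_uri, username)
        return f"{redirect_uri}?{urlencode({'code': code, 'state': state})}"

    def token(self, code, client_id, client_secret, redirect_uri):
        if not secrets.compare_digest(client_secret, CLIENT_SECRET):
            raise PermissionError("invalid_client")
        grant = self.codes.pop(code, None)  # authorization codes are single use
        if grant is None or grant[:2] != (client_id, redirect_uri):
            raise PermissionError("invalid_grant")
        access_token = secrets.token_urlsafe(24)
        self.tokens[access_token] = grant[2]
        return {"access_token": access_token, "token_type": "Bearer"}

    def userinfo(self, bearer):
        # OpenID Connect UserInfo endpoint: claims about the token's subject.
        if bearer not in self.tokens:
            raise PermissionError("invalid_token")
        return {"sub": self.tokens[bearer]}

def login(server, username):
    """Client side: redirect, callback check, code exchange, UserInfo call."""
    state = secrets.token_urlsafe(16)  # tied to the browser session
    callback = server.authorize(CLIENT_ID, REDIRECT_URI, state, username)
    params = parse_qs(urlparse(callback).query)
    if not secrets.compare_digest(params["state"][0], state):
        raise PermissionError("state mismatch")  # callback not from our request
    code = params["code"][0]
    tok = server.token(code, CLIENT_ID, CLIENT_SECRET, REDIRECT_URI)
    return code, tok["access_token"], server.userinfo(tok["access_token"])
```

The client never sees the user's password; it only handles the short-lived code and the access token, which is what lets the same login serve several applications without SAML libraries on the client.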
