Authentication and Authorization Overview
Organizing resources and design solutions related to Authentication and Authorization in system design.
Terminology
- SSO: Single Sign-On
- CAS: Central Authentication Service
- SAML: Security Assertion Markup Language
- OIDC: OpenID Connect
OAuth2 & OIDC
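Authentication (is the identity legitimate?) is generally handled with OpenID Connect.
Authorization (choosing which resources may be accessed) is generally handled with OAuth2.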
Identity-as-a-Service
Providers
- Azure Active Directory (Azure AD)
- Amazon Cognito
- Google Cloud Identity
- Alibaba Cloud Application Identity Service
- Authing
- Auth0
- Okta
- Keycloak
Reference
- Alibaba Cloud - IDaaS Glossary
- Open Policy Agent (OPA): an open source, general-purpose policy engine.
- Casbin: an authorization library that supports access control models like ACL, RBAC, ABAC in Golang.
- Dex IdP: OpenID Connect (OIDC) identity and OAuth 2.0 provider with pluggable connectors.
- OAuth2 Proxy: a reverse proxy that provides authentication with Google, Azure, OpenID Connect and many more identity providers.