Difference between SAML and OAuth

Overview of SAML
1. The user makes a request to Force.com for a specific resource.
2. Force.com detects the user needs to authenticate and redirects the user to their SAML Identity Provider.
3. The user accesses their IdP and authenticates.
4. Once the user is authenticated, the IdP sends a SAML Response back to Salesforce.com.
5. Force.com processes the SAML assertion and logs the user in.
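
The checks a service provider typically makes when it processes the response in step 5, tied back to the request it issued in step 2. This is an added example, not code from the original post or from Salesforce. It assumes the XML signature has already been verified with a proper XML-DSig library, and `check_response`, the sample document and all URLs and IDs are hypothetical.

```python
import xml.etree.ElementTree as ET  # production code should use a hardened XML parser
from datetime import datetime, timezone
NS = {"a": "urn:oasis:names:tc:SAML:2.0:assertion"}

# Constructed sample Response; every ID, URL and name below is made up.
SAMPLE = """<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
    xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
    InResponseTo="_req42" Destination="https://sp.example/acs">
  <saml:Assertion>
    <saml:Issuer>https://idp.example</saml:Issuer>
    <saml:Subject><saml:NameID>alice@example.com</saml:NameID></saml:Subject>
    <saml:Conditions NotBefore="2024-01-01T12:00:00Z" NotOnOrAfter="2024-01-01T12:05:00Z">
      <saml:AudienceRestriction><saml:Audience>https://sp.example</saml:Audience></saml:AudienceRestriction>
    </saml:Conditions>
  </saml:Assertion>
</samlp:Response>"""

def _in_window(cond, now):
    fmt = "%Y-%m-%dT%H:%M:%SZ"  # anything missing or in another format is rejected
    try:
        start, end = (datetime.strptime(cond.get(k), fmt).replace(tzinfo=timezone.utc)
                      for k in ("NotBefore", "NotOnOrAfter"))
        return start <= now < end
    except (AttributeError, TypeError, ValueError):
        return False

def check_response(xml_text, pending_ids, acs_url, entity_id, trusted_idp, now):
    """Return (name_id, []) if every check passes, else (None, [reasons])."""
    root = ET.fromstring(xml_text)
    errors = []
    request_id = root.get("InResponseTo")
    if request_id not in pending_ids:  # IDs recorded when the SP redirected the user
        errors.append("InResponseTo does not match a request we sent")
    if root.get("Destination") != acs_url:
        errors.append("Destination is not our ACS URL")
    assertions = root.findall("a:Assertion", NS)
    if len(assertions) != 1:
        return None, errors + ["expected exactly one assertion"]
    assertion = assertions[0]
    if assertion.findtext("a:Issuer", namespaces=NS) != trusted_idp:
        errors.append("assertion issuer is not the trusted IdP")
    if not _in_window(assertion.find("a:Conditions", NS), now):
        errors.append("assertion outside its validity window")
    audiences = [e.text for e in assertion.findall(".//a:Audience", NS)]
    if entity_id not in audiences:
        errors.append("assertion audience is not this service provider")
    if errors:
        return None, errors
    pending_ids.discard(request_id)  # one-time use: a replayed Response now fails
    return assertion.findtext("a:Subject/a:NameID", namespaces=NS), []
```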

Overview of OAuth

1. The OAuth Client makes an authorization request.
2. The Authorization Server authenticates the user.
3. The user authorizes the application.
4. The application is issued an OAuth token.
