Menu
I know that SAML can be used for user Authentication, but what about the permission levels a user has? Can it also be used for Authorization as well? If not, what are the best alternatives for Open Source Authorization software?
547
SAML does not do authorization explicitly. It simply provides the attributes in the SAML token and it's up to the application as to how these are handled.
The same is true for WS-Federation.
For OAuth2, the "attributes" it provides are somewhat limited. And you still have to authenticate e.g. OpenID Connect.
158
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
