by tonyarkles
2976 days ago
OIDC is definitely my preferred approach, but that's kind of the point of the article. Big orgs & governments, today, are generally going to be using SAML, if you're lucky (other times they're going to ask you to integrate directly with their 2-decade-old Active Directory). SAML's kind of quirky, but the handful of integrations I've done so far haven't been that bad. Most of the pain comes from all of the half-baked implementations. I used to get riled up when a customer would ask "can you please not use signed or encrypted assertions? Our side doesn't support that"... now I just mostly shrug, make sure we're doing it over HTTPS, and... meh.